Where do My Files Sent Using Teams Chat Go?

Where do My Files Sent Using Teams Chat Go?

Do you know what happens when you share a file via a Microsoft Team’s – Team Chat? That file is not just saved in the Teams chat but is also uploaded to either SharePoint or OneDrive depending if the chat was directly with another person or with a Team. In this blog, we will cover the locations that you can access shared files for future use. OneDrive: When sharing a file directly with another person using the Teams chat, the…

Read More Read More

Server (Un)Trust Account

Server (Un)Trust Account

Active Directory persistence through userAccountControl manipulation I’ve been doing some research on group Managed Service Accounts (gMSAs) recently and reading the MS-SAMR protocol specification for some information. I happened to stumble across some interesting information in the userAccountControl section which made us drop what we were doing to test it: Effectively, when the UF_SERVER_TRUST_ACCOUNT bit is set in the userAccountControl attribute of a computer object then Active Directory must set the same object’s primaryGroupId to the RID of the Domain…

Read More Read More

ProTip: How to Setup User Activity & Server Logon Scan in StealthAUDIT for Oracle

ProTip: How to Setup User Activity & Server Logon Scan in StealthAUDIT for Oracle

Now that you have been using StealthAUDIT for Oracle for a while, you might be wondering how to squeeze more value out of the product by enhancing the information it is collecting and reporting on.  StealthAUDIT for Oracle relies on the Oracle Traditional Auditing or Unified Auditing capabilities to collect and report on user activity, as well as successful or unsuccessful server or database logon activity. Neither Traditional Auditing nor Unified Auditing is turned on by default in an Oracle…

Read More Read More

What is a Data Protection Impact Assessment (DPIA)?

What is a Data Protection Impact Assessment (DPIA)?

Article 35 of the EU General Data Protection Regulation (GDPR) describes the requirement for organizations to “carry out an assessment of the impact of the envisaged processing operations on the protection of personal data”. This process referred to as a Data Protection Impact Assessment (DPIA), is an integral component of the GDPR, and if not carried out when required, can leave an organization open to enforcement action such as potentially steep fines.    In this blog post, we will take…

Read More Read More

What is Privacy by Design?

What is Privacy by Design?

In this era of big data, it is in an organization’s best interest to seek to safeguard their critical data assets, especially sensitive data, to the best of their ability. However, data breaches continue to occur, and according to certain studies, are happening every minute. And now with more consumer data being collected than ever, these breaches pose a real problem not only to an organization’s operations but to their credibility. But imagine if data security, and possibly more importantly…

Read More Read More

Data Privacy Essentials: #1 – Don’t Put Your Data at Risk. #2 – Don’t Forget #1

Data Privacy Essentials: #1 – Don’t Put Your Data at Risk. #2 – Don’t Forget #1

In my last blog, I stated that “data security can be achieved without data privacy, but you can’t effectively fulfill data privacy without data security. When it comes to complying with regulations, or protecting against breaches, if you don’t know your data, you won’t be able to justify it to a regulator, or safeguard it from malicious intent.” Complex, Heterogeneous Data Infrastructure Challenges Once you’ve discovered all the data in your organization, you can then write a report. However, data…

Read More Read More

Data Privacy and Security are Two Sides of the Same Coin

Data Privacy and Security are Two Sides of the Same Coin

Two things can be inherently related, even though they are thought of differently. Examples abound, from tragedy and comedy, to fear and elation. Many pairs just go hand in hand; like privacy and security.   Flipping a coin to resolve a decision will cause one person to win, and the other to lose. The same can be said for data privacy. Without data security, data privacy will be limited at best. The controls over data privacy are juxtaposed with the…

Read More Read More

How to Join Linux Hosts to Active Directory Using realmd & SSSD

How to Join Linux Hosts to Active Directory Using realmd & SSSD

This blog uses apt commands in its examples (for Debian-based distros like Ubuntu, Kali, Mint, etc.), however, examples have also been tested with yum/dnf commands (for RPM-based distros like CentOS, Red Hat, Fedora, openSUSE, etc.). A Very Brief Summary of Linux With Active Directory When joining a Linux host to Active Directory (AD), two components are required. The first component handles the central identity and authentication source. In this case, that’s Active Directory. The second component handles available domain discovery…

Read More Read More

Public Role in SQL Server

Public Role in SQL Server

Roles in relational databases make it easier to grant and revoke privileges from multiple users at once.  Multiple users can be grouped into one or more roles in a database. Rather than revoking or granting a privilege to a user or a group of users, the privilege can be granted or revoked from the ROLE.  In my previous blog, I talked about the PUBLIC role in Oracle.  In this blog, I will try to explain what the public role means…

Read More Read More

Easily Prevent More Breaches by Simply Preventing Bad Passwords

Easily Prevent More Breaches by Simply Preventing Bad Passwords

A recent cyber-attack on the Canadian government was successful because of a well-known attack technique, credential stuffing. If you’re not familiar, credential stuffing is just taking credentials from one breach and using it to compromise a new organization.  It is successful because 62% of people reuse personal passwords on work systems. News of this attack broke on Monday, August 17, 2020, and it highlights how real the cyberattack risk is for every organization. The question victims often ask themselves post-attack,…

Read More Read More

Start a Free Stealthbits Trial!

No risk. No obligation.

Privacy Preference Center

      Necessary

      Advertising

      Analytics

      Other