PowerShell
Get file or folder permissions using PowerShell
The Get-Acl cmdlet in PowerShell’s Security module (Microsoft.PowerShell.Security) does a great job of getting file or folder permissions (aka the Access Control List or ACL).…
Tag
Security
Security
Dealing with WordPress’ Unauthenticated Privilege Escalation Vulnerability in a REST API Endpoint
On Thursday, WordPress.org released WordPress 4.7.2, fixing the following four vulnerabilities. The user interface for assigning taxonomy terms in Press This is shown to users…
eDiscovery
BleachBit’s claim of permanently deleting emails from Exchange
In a recent news segment featuring BleachBit, Fox Business questioned whether Democratic presidential nominee Hillary Clinton may have used the software to permanently delete emails…
Google
Is GoGo’s use of a fake SSL certificate a Man-In-The-Middle attack?
Adrienne Porter Felt, an engineer on Google’s Chrome security team, recently found in-flight WiFi service provider GoGo using a fake certificate for Google.com and tweeted…
Security
Net neutrality and how ISPs can impact your email security
There was a time ISPs limited themselves to providing layer 3 connectivity. You got a connection, and if the link was up and your computer…
Archiving & Compliance
Change mailbox audit logging age limit in Exchange 2010 and later
In Exchange 2010 and later, you can use Mailbox Audit Logging to enable auditing of mailboxes for actions taken by mailbox owners, delegates and administrators.…
Active Directory
Exchange 2010: Change security groups to distribution groups
Distribution groups are a well-known concept for Exchange admins. Quite simply, a distribution group is an Active Directory group that’s Exchange-enabled and therefore has an…
Active Directory
Auditing Distribution Group Membership Changes
Exchange 2010 includes Administrator Audit Logging functionality to log all administrator actions. Because all administrator actions, including those taken using the EMC and the new…
Administration
Exchange ActiveSync: What is the Allow/Block/Quarantine List?
If you’re an Exchange admin happy about how Exchange ActiveSync (EAS) just hums along with mobile devices supporting the EAS protocol, and the multitude of…
Security
Exchange team posts guidance for the ASP.NET vulnerability
Late last week Microsoft released Microsoft Security Advisory (2416728), “Vulnerability in ASP.NET Could Allow Information Disclosure. The vulnerability is being investigated by the Microsoft Security…