Sorry sysadmins, you just lost root access in the name of security
By Darren Pauli, 9 Oct 2014 Podcast Not one administrator to rule them all, but a few: that's the advice offered by seasoned penetration testers Aaron Beuhring and Kyle Salous to enterprises wanting to be less attractive to hackers.In a presentation at the MIRCon 2014 conference in Washington the duo listed a series of low cost changes to access controls, whitelisting, and group policies that could harden the enterprise enough to make targeted malware attacks quite expensive, hopefully prohibitively so.
Beuhring (@aaronbeuhring) and Salous (@KyleSalous) users will never stop running malware.
"You can train users all you want, but unless they are reverse-engineers, they aren't going to stop clicking things," Beuhring said.
Full Article and link to the Podcast
