Contests and Giveaways

PART I. Nothing boded ill:
It was Friday the 13th, 13 hours and 13 minutes. Nothing boded ill. The accountant in charge of payroll received an e-mail with an attachment and a suggestion to launch an interactive greeting card. She entered the password and unpacked the file, then launched the executable file and waited for the funny picture. The result came quickly - all the company's payroll data disappeared in an instant!

Part II. Quick restore:
The situation concerned the user and she filed a request to IT HelpDesk. Upon receipt of the request, we immediately disconnected the computer from the network. There were over 5,000 files encrypted on network shares. We rolled back the data to an overnight backup; halfway through the day users had to re-fill the data.

Part III. Avoid problem:
To avoid future problems, we configured Software Restriction Policy (SRP). Example, for zip (*We have a lot of exceptions):

%userprofile%\AppData\Local\Temp\*.zip\*.bat
%userprofile%\AppData\Local\Temp\*.zip\*.cmd
%userprofile%\AppData\Local\Temp\*.zip\*.com
%userprofile%\AppData\Local\Temp\*.zip\*.exe
%userprofile%\AppData\Local\Temp\*.zip\*.js
%userprofile%\AppData\Local\Temp\*.zip\*.jse
%userprofile%\AppData\Local\Temp\*.zip\*.pif
%userprofile%\AppData\Local\Temp\*.zip\*.scr

And created a report in Lansweeper to track SRP triggers:

```sql
Select Top 10000000
  tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.IPAddress,
  tblAssets.Username,
  tblADusers.OU,
  tblNtlogSource.Sourcename,
  tblNtlog.Eventcode,
  tblNtlog.TimeGenerated,
  tblNtlogMessage.Message
From tblAssets
  Inner Join tblNtlog On tblAssets.AssetID = tblNtlog.AssetID
  Inner Join tblNtlogMessage On tblNtlogMessage.MessageID = tblNtlog.MessageID
  Inner Join tblNtlogSource On tblNtlogSource.SourcenameID = tblNtlog.SourcenameID
    And (tblNtlogSource.Sourcename = 'Microsoft-Windows-SoftwareRestrictionPolicies'
      Or tblNtlogSource.Sourcename = 'Software Restriction Policies')
  Left Join tblADusers On tblADusers.Username = tblAssets.Username
Order By tblNtlog.TimeGenerated Desc
```

We didn't catch any more encryptors.
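As an added example that is not part of the post above, this Python check models which launch paths the quoted SRP path rules would cover; it assumes Windows-style `*`/`?` wildcards that do not cross a backslash and uses a constructed user profile `C:\Users\alice`.

```python
import re

# The eight path rules quoted in the post above, verbatim.
SRP_RULES = [
    r"%userprofile%\AppData\Local\Temp\*.zip\*.bat",
    r"%userprofile%\AppData\Local\Temp\*.zip\*.cmd",
    r"%userprofile%\AppData\Local\Temp\*.zip\*.com",
    r"%userprofile%\AppData\Local\Temp\*.zip\*.exe",
    r"%userprofile%\AppData\Local\Temp\*.zip\*.js",
    r"%userprofile%\AppData\Local\Temp\*.zip\*.jse",
    r"%userprofile%\AppData\Local\Temp\*.zip\*.pif",
    r"%userprofile%\AppData\Local\Temp\*.zip\*.scr",
]

# Constructed environment; in a real check this comes from the endpoint.
DEFAULT_ENV = {"userprofile": r"C:\Users\alice"}


def expand_env(path, env):
    """Expand %VAR% references case-insensitively from the supplied mapping."""
    def repl(match):
        return env.get(match.group(1).lower(), match.group(0))
    return re.sub(r"%([^%]+)%", repl, path)


def rule_to_regex(rule, env):
    """Translate one SRP path rule into a compiled, case-insensitive regex.

    Assumption: '*' and '?' match inside a single path component only, so a
    rule like Temp\*.zip\*.exe covers Temp\Temp1_card.zip\greeting.exe but not
    an executable placed one directory deeper inside the extracted folder.
    """
    parts = []
    for ch in expand_env(rule, env):
        if ch == "*":
            parts.append(r"[^\\]*")
        elif ch == "?":
            parts.append(r"[^\\]")
        else:
            parts.append(re.escape(ch))
    return re.compile("^" + "".join(parts) + "$", re.IGNORECASE)


def matching_rule(path, rules=SRP_RULES, env=None):
    """Return the first rule that would disallow `path`, or None if no rule applies."""
    env = env or DEFAULT_ENV
    for rule in rules:
        if rule_to_regex(rule, env).match(path):
            return rule
    return None


def coverage_report(paths, rules=SRP_RULES, env=None):
    """Map each observed launch path to the rule that covers it (or None)."""
    return {p: matching_rule(p, rules, env) for p in paths}


if __name__ == "__main__":
    # Constructed sample launch paths, e.g. taken from SRP event log messages.
    samples = [
        r"C:\Users\alice\AppData\Local\Temp\Temp1_card.zip\greeting.exe",
        r"C:\Users\alice\AppData\Local\Temp\Temp1_card.zip\card.jpg",
        r"C:\Users\alice\Desktop\card\greeting.exe",
    ]
    for path, rule in coverage_report(samples).items():
        print(f"{path}\n  -> {'blocked by ' + rule if rule else 'no rule applies'}")
```

Paths that return None are the gap a path-rule set leaves open, so the Lansweeper report above, which shows which rules actually fire, is the part that tells you whether the rules match real user behaviour.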
Lansweeper on-prem (ticketing) integration with SIEM Wazuh.
Plattner Golf Pty Ltd (Fancourt) George South Africa - Fancourt, South Africa’s award-winning golf resort, is situated in the heart of the spectacular Garden Route. We are 100% dependent on Lansweeper and use it for asset management, network management, strategic planning, some security & reporting, and we love the knowledgebase that assists with business continuity in terms of documenting unique IT processes or tasks. We can also identify rogue assets and address them as required. We use Lansweeper permanently for support and connect to PCs directly with UVNC, reboot, ping, access drives etc., which also assists the IT team to keep up to date on the general status of our devices and network. We just completed our 3 year capex budget using Lansweeper discovery tools and reports: number of assets out of warranty, older software that needs to be replaced, number of assets older than a certain date to be replaced, operating systems that need to be updated. We also just started to manage third party software versions using the deployment tool, e.g. Acrobat & UVNC, which is critical to keep the version the same and updated throughout the company due to the rising security risks of vulnerabilities in these applications. We keep our accounting asset ledger in line with Lansweeper with integrated workflows. Our accounts department even views Lansweeper to confirm IT asset verification, and will accept it as the final verification if the asset displays on status, green virtual LED. This means they don't have to drive out to verify that asset physically.

The network diagram I find most interesting at this stage and believe it has massive potential in this regard. However it needs some more development. A picture is worth a 1000 words. First the network diagram must allow one to move groups and assets to a fixed position and must save it. Also it must allow you to create group assets by e.g. IT cabinet or office so that they can be clearly separated on the network diagram. This does not seem to work or work well. It would be great if the asset had a virtual LED (green, red, grey) similar to the on-prem to show the status of the device. This diagram can also be awesome and could be a fantastic management tool. I would display it on my big screen permanently for monitoring. Well done Lansweeper team and thanks for proactively engaging with us. Submitted by Arno Scheepers
1.) Automated Asset Discovery Across Complex Environments
Many of our clients manage hybrid IT environments, including on-premises infrastructure, cloud resources, and IoT devices. Lansweeper’s agentless scanning capabilities have allowed these organizations to automatically discover 100% of IT assets—including hardware, software, network devices, and virtual machines—without relying on manual interventions. Example: A retail customer (Alshaya) operating across multiple countries was struggling to track laptops, mobile devices, and POS systems across stores. Lansweeper enabled automated discovery and real-time inventory updates, which reduced the time spent on manual asset tracking by 70%. Outcome: Improved visibility and control across distributed environments, ensuring nothing goes unnoticed.

2.) Detecting and Mitigating Rogue Assets
Unapproved devices accessing corporate networks pose significant risks. Lansweeper’s continuous network passive scanning and alerts have allowed customers to identify rogue devices, such as unauthorized laptops or shadow IT applications, that could otherwise go undetected. Example: One of our banking clients discovered 30+ rogue IP cameras connected to their network that bypassed security protocols. The cameras were detected during a scheduled Lansweeper scan, prompting immediate action to isolate them and update security policies. Outcome: Ensured compliance with security policies and minimized the risk of data breaches or unauthorized access.

3.) Optimizing IT Costs Through License Management
Lansweeper’s ability to scan installed software and licensing information has enabled customers to optimize costs by identifying unused or underutilized software licenses. It also helps organizations avoid penalties by ensuring compliance with licensing agreements. Example: A logistics company using multiple Adobe and Microsoft licenses discovered through Lansweeper that nearly 20% of licenses were inactive. This insight enabled them to reallocate licenses more efficiently and avoid unnecessary renewals. Outcome: Saved the organization approximately $50,000 annually by optimizing software subscriptions and licenses. Submitted by Anto Rex Sebastin.V
(My other story "Deception and Defense in the Darkness" is a what-if fiction story that's a possible security nightmare I think about now and could worry about in a year or two. What follows did happen, and I sometimes lose sleep if there's any doubt about my backups.)

Many, many years ago, I was young and had an old enterprise-class laptop with a floppy disk drive and a small hard drive I was using for writing projects. It was late at night and a storm was coming in. Then, lightning struck nearby, close enough to shake the house and fill the air with static electricity. The resulting electrical surge fried the old laptop and floppy disk inside it, and I lost all my data. I was very upset. Many weeks of writing had been lost. The lesson I should have personally learned was (with the tech available then) that saving often and backing up to a floppy and removing it, or to an external drive of any kind, was a good idea. Unfortunately, something similar happened again in a different way —  15 years later, a then-new work laptop I was working on at a restaurant froze up and reset into a blue screen loop that couldn't be fixed without replacing the main hard drive. I didn't lose as much time and work, but I recalled the incident from many years earlier and then resolved to avoid letting that kind of thing happen again. It took two lessons for me to learn, but learn I did. Always back up (whether laptops, servers, or databases) carefully and redundantly, because you never know when a disaster might strike, whether lightning, a technical flaw, or yes, human error.
The year was 2016. I was sitting at my desk, doing work as usual. I over-sugared my coffee again, but didn't feel like walking back to the breakroom to make a new cup. The other Sr. Engineer was training one of the Jr. Engineers. A normal day.

Our phone rang. "Infrastructure Dept. - How can we help you?" the Jr. Admin said. "Your files on the public drive won't open? Weird, that's the fourth call within the past 30 minutes. I'll see what I can find out."

He then turned to me and asked "The user said it was their G: drive. Do you know what server hosts the G: drive?" Full disclosure, I was the "new guy" so I didn't have all of that stuff memorized like the older admins. But - being a Sr. Admin, I came in and insisted on the purchase of Lansweeper in order to get their environment in order. "Pull up the mapped drives report in Lansweeper - start typing the username, it will tell you what their G: drive maps to." "Ah cool, thanks." - It was that easy. "You know, this tool is pretty handy." "Yeah, for real. Career advice - wherever you go, get them to purchase Lansweeper - it will make your admin life much, much easier."

I sat back and started working again, importing IP locations from their IPAM application into Lansweeper - and in one fell swoop, hundreds of locations were instantly categorized. Boom.

"Uh - hey, some of these files on the file server have weird extensions, and I can't open them."

I froze. "Oh crap. What's the file extension?" - "Dot ENC". "Go tell Security, NOW." - I blurted - I was logged on to vCenter already, so I immediately disconnected the virtual NICs from the VM, and notified my boss, and the security team.

"Go find where it's coming from and kill it!" my boss said - and the security team scrambled. He turned to me - "Aren't they supposed to know about things like this before we do? See what you can find." "I'm on it." - The only thing is, I was the new guy, and I wasn't on the Cyber team - I had limited tools... but I had my SysAdmin experience, and, Lansweeper. "Let's do this." I almost said out loud.

I consoled into the VM and navigated through the public share, sorting by last modified date, and found the oldest encrypted files and their directory. I saw the ransom .txt note, and pulled up the file metadata. "Created by John Shipman (not his real name)." In an instant, I knew what machine he used via Lansweeper - "His computer is LPT03281 - it's a laptop and he works out of the corporate location on the 7th floor - the MAC and IP address are this..."

"I'm calling him now" the Jr. Admin said - and quickly got on the phone. I saw the look on my boss's face as he saw the cyber team around my desk. To be honest, I was used to it - I knew what he was thinking - "Why are they looking to us for the information? Don't they have their own tools?"

One of the security team's workers came by - "I don't see that MAC address or IP address in the logs." "How is that possible?" another security team member said. "I dunno - it's just not there - I double-checked." "The user is on vacation," the Jr. Admin said. "We are trying to reach him now."

Dang. Something isn't right - Lansweeper can't be wrong, but then neither could Cisco ISE that the security team uses. I went back to Lansweeper. Ok, it's a laptop. Let me look to see if there are multiple IP addresses. VPN? Attached network device? Then, I found it. A docking station. Lansweeper showed that it was connected on both the wireless, and wired via the docking station. "Stupid Dells!" I actually said out loud (nothing unusual). "They are supposed to switch from wireless to wired when you dock - this one kept both on." "Here's the IP and MAC - it's the wireless and not the wired." “Oh dang – we missed that wireless subnet when setting up ISE,” one team member said. The security team leapt into action, and worked quickly to resolve the issue. "Restore from Backups," our boss said.

This part WAS our responsibility - which was perfectly fine. I had set up an import from the backup system into Lansweeper, updating the 'Last Backup' field for each respective asset. Everything that should be backed up, was, and I could quickly see that without logging in to the backup system. "Yes sir - we have a good backup from an hour before it started. Restoring the files now."

I sat back, and sighed a deep sigh of relief. Lansweeper once again helped me find an issue, and my experience as an Admin armed me with the knowledge of what to do. Four things happened that day - my fellow admin team quit giving me a hard time about relying on Lansweeper so much and questioning my admin abilities, my boss was impressed that his Infrastructure team was on-point, the CyberSecurity team found a missing subnet, and they also all asked how they can have access and use Lansweeper. Just one of the many true stories I have of how Lansweeper helped prevent a bad dream from becoming an unmitigated true Horror story!
In May 2017, we at Batelco, Bahrain’s leading telecommunications provider, faced a cyber threat that would haunt us for years. The world was already reeling from the devastating WannaCry ransomware, and despite our robust defenses, we were not spared.

One sweltering afternoon, our top cybersecurity analyst noticed something strange. The network was behaving erratically, with multiple systems attempting to connect to external servers. It was the first sign of a breach. We quickly initiated a lockdown, isolating the affected systems, but it was too late. The ransomware had already infiltrated our critical servers.

As the sun set, the true horror began. Files started disappearing, replaced by a chilling ransom note demanding payment in Bitcoin. The note was clear: pay up or lose everything. The screens flickered ominously, casting an eerie glow in the darkened office. We worked frantically, but the ransomware spread like wildfire, encrypting files and locking us out of our own systems.

The night was filled with tension and fear. The ransomware had not only targeted our internal systems but also our customer service platforms. The potential for widespread disruption was enormous. We knew we had to act fast to prevent a catastrophe, but the hacker seemed to anticipate our every move.

As we delved deeper into the network, we discovered the true extent of the attack. The ransomware was more sophisticated than anything we had seen before, with the ability to mutate and evade our defenses. It felt as if we were battling a malevolent entity, one that thrived on chaos and destruction.

Our team devised a desperate plan. We would use a combination of backup systems and decryption tools to restore the affected data. It was a risky move, but it was our only hope. As we executed the plan, the office was plunged into darkness. The power had been cut, and we were left in the eerie silence, illuminated only by the glow of our screens.

By dawn, the immediate threat had been neutralized, but the damage was done. The ransomware had left a trail of destruction, and the process of restoring the encrypted data was painstakingly slow. Our services remained largely unaffected, but the experience left us shaken.

The incident was a wake-up call for us and the entire Bahraini tech community. It highlighted the ever-present danger of cyber threats and the importance of vigilance and preparedness. Our robust defenses had held firm, but the experience left a lasting impression on all of us. The Ransomware Nightmare at Batelco became a cautionary tale, a reminder of the relentless and evolving nature of cyber threats. For us, it was a testament to our resilience and dedication, and a stark reminder of the digital shadows that lurk in the modern world.
We use Cisco ISE to secure and limit access on the internal network/VPN/Wi-Fi, etc. It has all of the switch ports that a user is connected to, so that would be great detail to have for those devices that Lansweeper can't get detail on today. It also has all of the MAC addresses for each device. It doesn't perfectly classify each one, but at least it has the detail that Lansweeper could classify on its own. This would help in cleaning up Unknown or "network devices" in Lansweeper.
I would suggest integration with additional virtualization platforms like Red Hat OpenShift, KVM, Proxmox, and Harvester HCI. The changes in VMware licensing and pricing will force users to look for other affordable solutions.
Since 2004, LightChange Technologies has been designing and managing critical IT infrastructure for Internet Service Providers, Cloud Service providers, municipalities, energy providers, enterprises, financial institutions, and small to medium businesses. Our portfolio of cybersecurity solutions helps organizations reduce risk through framework adoption, establish governance programs, create maturity models, and implement a wide spectrum of cybersecurity controls. Automate your asset discovery: Through a mix of standardized active and passive scanning, we gain valuable insight into all aspects of networks, from the simple to the complex. Whether the infrastructure is simple or complex, Lansweeper provides a robust set of features to scan properly. From small networks with remote sites to virtualized and cloud environments, Lansweeper provides us the tools we need to ensure we have an accurate inventory. Find rogue devices: The key to making rogue device detection successful is to operationalize the process. We’ve successfully mastered the process of detection, alerting, and vetting so IT teams can address unknown devices quickly. By utilizing Lansweeper’s robust active and passive scanning options, we successfully detect any new devices on the network and take appropriate action. Optimize costs: Lansweeper’s accurate inventory detection, along with robust active and passive scanning capabilities, enables us to make sure we are investing in the right equipment replacements and keeping old, unsupported equipment out of the infrastructure. Through custom fields and established operational process, we ensure that asset owners get the information they need to make sound financial decisions. Lansweeper has become one of our go-to components in our Guardian Giant Cybersecurity Strategy as a Service offering. 
As the most important part of any cybersecurity framework, having a solid grasp of what is in your technology infrastructure is the first step in effectively reducing risk. Submitted by Michael O'Coners
About Us: IT anywhere is an MSP dedicated to delivering top-notch IT solutions to a diverse range of clients. Our mission is to help businesses optimize their IT infrastructure, enhance security, and reduce costs through innovative technology and expert management. Our team is composed of skilled IT professionals with years of experience in managing complex IT environments. Before Lansweeper, manually tracking assets across multiple client infrastructures was time-consuming and prone to errors. With Lansweeper, we automated this process, gaining real-time visibility into all devices and software. This automation saved us hundreds of hours annually and ensured our asset inventory was always up-to-date. Lansweeper’s comprehensive scanning capabilities helped us identify unauthorized devices and software on our clients’ networks. For instance, we discovered several unapproved IoT devices that posed security risks. By promptly addressing these rogue assets, we enhanced our clients’ network security and compliance. Lansweeper’s detailed reports on software usage and licensing allowed us to identify underutilized resources. For example, we found that several clients were over-licensed for certain software. By adjusting their licenses based on actual usage, we saved them significant costs, which they could then reinvest in other critical areas. Submitted by Björn Calluy
In 2010, I worked as an IT Consultant on a remediation project at an HMO. I was examining and exploring the datacenter when I found a 12-port dialup modem under a rack hidden in a rat's nest of cables. I followed the connections to a 'server', which was actually just a PC. This PC was running Searchlight BBS - a Bulletin Board System from the 1980s. The PC was also logged into the Netware servers as Administrator. After a lot of inquiry, I learned that this was the system which medical clinics 'out in the weeds' used to submit insurance claims for medical work.

So, think of it like this: Your doctor connects, via dialup, to another computer running a front-end which was hackable thirty years before. He logs in and sends your medical claim with ALL your PII (Personally Identifiable Information - a HIPAA term) over the telephone lines in clear text. Once at the other end, it's stored locally on that PC in clear text and anyone walking up to that machine has Administrator access to EVERYTHING. "AAAAAAAAAAAAARRRRRGGGGHHH"

Epilogue: I brought this HIPAA Compliance problem up the tree all the way to the director and could not find a single person of authority willing to take my concern seriously. It was "just the way we do things". Good Effing Grief!
What keeps me up at night the most is a situation that could happen in the very near future, something like this...

It was a dark and stormy night. The skeleton crew was tired after a long evening spent in their SIEM dismissing false alarms and legitimate alerts from attempted intrusions. Suddenly a voice from a junior tech muttered, "We have a live one. We gotta deal with it now." The tired crew gathered around his screen, looking almost ghostly in the dim light. A new malware variant, similar to the dozens of attempted attacks, had apparently infiltrated their network this time and was only detected after admin settings started changing.

Before the team could even begin working past the first step in their incident response plan, their phones began ringing. Family, friends, co-workers. "Help me, there's smoke" one cried while coughing, sounding like a young child in danger. Another call was from a spouse, "Please help, I'm being followed!" The team leader, sweating, brow furrowed, was able to note that something was off. The voice from their boss didn't quite sound right. It was a deepfake — maybe related somehow to the malware that was so quickly adapting even as variants were launched at their systems over and over. "Stop! These are not real phone calls. Turn off your phones. Focus on the plan, follow the plan, now!" Her voice tried to sound controlled, shaking slightly still.

Struggling mightily, they shook off the alarm and confusion and got to work. The malware had used their minutes of confusion to rapidly spread through their network, starting to corrupt files, encrypting data, and disabling defenses. But, isolating the infected systems, they flooded the network with decoy data, drawing the malware's attention away from critical assets. With quick thinking and relentless effort, they used advanced threat intelligence to identify the malware's patterns and vulnerabilities.

As dawn approached, the storm outside began to wane, and so did the digital tempest within the office. The skeleton crew successfully quarantined the malware, restoring essential systems from clean backups and reinforcing their defenses. Exhausted but triumphant, they knew they had saved — even if just barely — the company from a potentially devastating attack, even as they themselves still felt vulnerable from the many questions yet to be answered.
Several years ago, while working for an Avionics company as a Systems Administrator, I received a call from an end-user about a weird message he had on his screen with a countdown timer. I immediately stopped what I was doing and went to see what the message was. Sure enough, there was a message on his screen that said we had less than 72 hours to pay if we wanted to receive the encryption key for our files. The employee had visited a normally good website that had been compromised. I had a significant amount of data, several terabytes, that had been encrypted because of the level of access this employee had. Once I neutralized the malware, I sent communication to the entire company telling everyone to not make file-level changes for any files on the network shares. I was using Backup Exec at the time, so once I deleted the encrypted files, I restored all the data from a backup tape. Fortunately, we only lost part of a day's work, but it still took an entire day to recover our data.

Another not so scary, but funny story. At the time I was working for an Oil and Gas company and one of the VPs was at one of our remote offices giving a presentation to the board members and some executives. She called me in a panic because nothing was being projected on the screen from her laptop. I walked through the steps over the phone making sure the projector was connected to the laptop correctly and the laptop was set to extend the display to the projector. The VP was frantic and told me several times that it should just work and she knows that everything is connected correctly. Calmly I said, “Did you take the lens cap off the projector?” The VP said, “Everything is working now, thanks!”
Qualys is the best tool for vulnerabilities and so much more. Patching, Security, and Compliance are only a few of the top features. By integrating Qualys with Lansweeper we can take advantage of the ITAM info as well as security features like patching and security gaps.
Signal Alliance Technology Holding is an enterprise technology integrator with the goal of ensuring businesses become future-ready and opening a world of opportunity. At Signal Alliance Technology Holding, we've leveraged Lansweeper to revolutionize our IT operations. One of the most significant benefits we've realized is in asset discovery and management. Automating Asset Discovery: Before Lansweeper, our manual asset discovery process was time-consuming and error-prone. But with Lansweeper, we've automated asset discovery, significantly reducing the time and resources required. Lansweeper's comprehensive scanning capabilities have enabled us to accurately identify and inventory all devices on our network, including servers, workstations, laptops, and mobile devices. Finding Rogue Assets: The challenge has always been identifying rogue devices that can pose security risks and consume valuable network resources. Lansweeper's continuous monitoring has helped us detect and isolate unauthorized devices, such as unauthorized Wi-Fi access points or personal devices connected to the corporate network. This has enhanced our network security and prevented potential breaches. Optimizing Costs: By leveraging the detailed asset information, Lansweeper has empowered us to make data-driven decisions regarding IT investments and resource allocation. For example, we were able to identify underutilized servers and decommission them, resulting in significant cost savings on hardware, software licenses, and energy consumption. Submitted by Frank Chisom Ebuzoeme
We work for Allianz Trade and are responsible for managing the organization's entire infrastructure related to information security. Lansweeper has significantly streamlined our asset management processes in several ways: **Automated Asset Discovery**: Lansweeper has helped automate the discovery of all devices on the network, including hardware, software, and virtual assets. This has reduced the manual effort needed to track assets, ensuring that we have an up-to-date inventory at all times. For example, after deploying Lansweeper, we discovered over 500 previously untracked devices, which allowed us to quickly categorize and monitor them. **Identifying Rogue Assets**: By continuously scanning the network, Lansweeper has made it easier to detect unauthorized or rogue devices connected to the infrastructure. For instance, during a network audit, we identified several unapproved devices that had bypassed our standard onboarding procedures. This enabled us to take immediate action to remove or isolate them from the network, thus improving security. **Cost Optimization**: Lansweeper has provided detailed reports on software licenses, allowing us to identify unused or underutilized licenses. This has resulted in significant cost savings by eliminating unnecessary renewals or reallocating resources. In one instance, we reclaimed about 15% of our software licenses, which translated into cost savings of over ₹2 lakhs annually. These examples highlight how Lansweeper has been instrumental in improving the overall visibility, security, and efficiency of our IT asset management. Submitted by Ashiq Ashraf
JKP Informatika Novi Sad is a public utility company providing IT and telecommunication services for the city of Novi Sad, specializing in electronic governance and digital infrastructure solutions. Lansweeper has been an invaluable tool for our organization, helping us automate asset discovery and identify potential security threats in our network. We use it to detect rogue devices that might otherwise go unnoticed, allowing us to respond proactively before they become significant issues. For example, we’ve identified devices lacking antivirus protection or facing antivirus issues, enabling us to mitigate potential risks promptly. Additionally, Lansweeper has streamlined our workflow by optimizing how we manage and monitor our assets. The platform’s comprehensive reporting capabilities have been particularly useful for planning system upgrades and PC replacements, ensuring that we maintain a secure and up-to-date infrastructure. With Lansweeper, we’ve been able to save both time and resources by automating processes that previously caused various issues, like a lack of disk storage space on the file server, etc. By integrating Lansweeper into our operations, we’ve enhanced our security posture and gained greater control over our IT environment, allowing us to work more efficiently and cost-effectively. Submitted by Aleksandar Pavić
Imagine a major financial institution, like a bank, suddenly discovering that its entire customer database has been compromised. Hackers have gained access to sensitive information, including account numbers, social security numbers, and personal identification details. The hackers don’t just stop there—they start siphoning off small amounts of money from thousands of accounts, making it difficult to detect at first. Customers begin to notice unauthorized transactions, and panic spreads as news of the breach goes public. The bank’s reputation takes a massive hit, and trust in the financial system is shaken. The IT team scrambles to identify the breach’s source and secure the network, but the hackers have left behind sophisticated malware that keeps reopening backdoors. Meanwhile, the bank faces lawsuits, regulatory fines, and a massive effort to compensate affected customers.

These scenarios are exactly what we are constantly trying to improve our defenses against. Evolve Bank & Trust recently had something similar happen to them from the LockBit ransomware gang.

Phishing Email: An employee received a seemingly legitimate email containing a malicious link. The email was crafted to look like it came from a trusted source, making it difficult to recognize as a threat.

Malicious Link: When the employee clicked on the link, it triggered the download of malware onto their computer. This malware provided the hackers with a foothold in the bank’s internal network.

Lateral Movement: Once inside, the hackers used the malware to move laterally across the network, gaining access to various systems and databases. They exploited vulnerabilities and used stolen credentials to escalate their privileges.

Data Exfiltration: Over time, the hackers collected sensitive data, including customer names, social security numbers, and bank account details. They then exfiltrated this data without triggering immediate detection.
Hello, community! My story is based on real and somewhat intense events... It all happened about 2 years ago. It was a quiet Monday after a weekend of monitoring when we all returned to the office. However, when we arrived, we were surprised by a chaotic scene: several people were complaining that their files were completely indecipherable. That's when we realized that it was a ransomware attack. The situation became even more complicated when we discovered that Friday's backup had not been removed from the server. This meant that the backup had also been encrypted. In addition to having to format and reinstall the machines and servers to ensure that no trace of the attack remained, we faced the challenge of restoring the entire file infrastructure from a backup that was already a week out of date. To make matters worse, all the files on the machines were accompanied by a dark message: a ransom.txt file, which demanded payment in bitcoins, with the promise of decrypting the data if the ransom was paid. Of course, the account to send the cryptocurrencies was also specified. The process was long and exhausting. It took two full weeks to format and reconfigure about 40 employee computers, ensuring that there was no trace of the hackers. The feeling of tension and urgency hung over us, but with a lot of effort and teamwork, we managed to stabilize the environment and restore operations for the approximately 40 affected employees. In the end, although it was a stressful experience, we learned valuable lessons about data security and the importance of rigorous backup protocols. Kind Regards, Mateus Dias