10 Scripts Every IT Admin Should Have in Their Toolbox

 

Here’s a list of the top 10 scripts every IT admin should have in their toolbox, categorized by their use cases to maximize efficiency, security, and system management.

1. Automated System Reboot Script

  • Purpose: Schedules and executes system reboots across servers or endpoints with minimal disruption.
  • Example: PowerShell or Bash script to reboot Windows/Linux machines in batches during off-hours.

Why It’s Essential: Ensures critical updates or changes requiring reboots are applied consistently without manual intervention.

 

2. User Account Management Script

  • Purpose: Automates the creation, modification, or deletion of user accounts in Active Directory (AD) or other systems.
  • Example: (1) PowerShell: Create new AD users in bulk from a CSV file. (2) Bash: Add or remove users in Linux environments.

Why It’s Essential: Saves hours of manual labor and ensures consistency in user access policies.

 

 

3. Hardware Inventory Script

  • Purpose: Collects detailed information about hardware components on endpoints or servers.
  • Example: A script that retrieves data on CPU, RAM, storage, and network adapters for auditing purposes.

Why It’s Essential: Provides a comprehensive view of hardware resources, aiding in capacity planning, troubleshooting, and ensuring compliance with organizational standards.

 

4. Disk Space Cleanup Script

 

  • Purpose: Identifies and clears unnecessary files to reclaim disk space.
  • Example: (1) PowerShell: Delete temp files, logs, or old backups on Windows servers. (2) Bash: Automate tmp folder cleanup on Linux systems.

Why It’s Essential: Prevents outages caused by full disks, especially on critical servers.

 

5. Security Audit Script

  • Purpose: Checks systems for common security misconfigurations or vulnerabilities.
  • Example: (1) PowerShell: Audit AD for weak passwords or unused accounts. (2) Bash: Scan open ports or outdated software using Nmap or Lynis.

Why It’s Essential: Helps proactively identify risks and stay compliant with security frameworks.

 

 

6. Network Connectivity Testing Script

  • Purpose: Diagnoses network issues by testing connectivity and logging results.
  • Example: Script to ping multiple servers, trace routes, and log results to a file.

Why It’s Essential: Quickly identifies network bottlenecks or outages, speeding up troubleshooting.

 

7. Firewall Management Script

  • Purpose: Automates vulnerability scans on systems or software.
  • Example: (1) PowerShell: Use Invoke-WebRequest to check for known CVEs in local software versions. (2) Bash: Scan Linux environments for misconfigured services or outdated packages.

Why It’s Essential: Ensures vulnerabilities are identified before attackers exploit them.

 

 

 

8. Application Deployment Script

  • Purpose: Automates the deployment of specific applications.
  • Example: (1) PowerShell: Deploy applications via MSI installers silently. (2) Bash: Use rpm or dpkg to install packages on Linux systems.

Why It’s Essential: Simplifies deploying or updating applications at scale, ensuring uniformity.

 

 

 

9. Backup and Restore Script

  • Purpose: Automates file, database, or system backups and provides restore options.
  • Example: Schedule daily file backups to a secure server. Automate database backups and encrypt them for secure storage. Restore critical data after a system failure using pre-configured scripts

Why It’s Essential: Safeguards data integrity and availability, minimizing downtime and ensuring business continuity in the event of accidental deletion, hardware failure, or cyberattacks.

 

 

10. Log Parsing and Monitoring Script

  • Purpose: Filters and analyzes log files for anomalies or critical events.
  • Example: (1) PowerShell: Extract failed login attempts from Windows Event Logs. (2) Bash: Monitor Linux system logs (/var/log) for unusual activity.

Why It’s Essential: Speeds up root cause analysis and helps detect potential security incidents.
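
One way to implement the Bash half of this item, as an added example that is not code from the original article: it counts failed SSH password attempts per source address and reads the address from the end of each line, so a username crafted to contain "from <address>" cannot spoof the source. The function names, the threshold and the sample log lines are assumptions made for illustration; the line format is the one OpenSSH's sshd writes to syslog.

```shell
#!/usr/bin/env bash
# Added example: summarise failed SSH password attempts per source address.

# Constructed sample in the format sshd writes to /var/log/auth.log
# (Debian/Ubuntu) or /var/log/secure (RHEL family). The addresses come from
# the documentation ranges 203.0.113.0/24 and 198.51.100.0/24.
sample_auth_log() {
  cat <<'EOF'
Dec 12 02:11:01 web01 sshd[1201]: Failed password for root from 203.0.113.5 port 40122 ssh2
Dec 12 02:11:03 web01 sshd[1201]: Failed password for root from 203.0.113.5 port 40122 ssh2
Dec 12 02:11:07 web01 sshd[1207]: Failed password for invalid user admin from 203.0.113.5 port 40130 ssh2
Dec 12 02:11:09 web01 sshd[1209]: Failed password for invalid user from 10.0.0.1 from 203.0.113.5 port 40131 ssh2
Dec 12 02:15:44 web01 sshd[1302]: Accepted password for alice from 198.51.100.23 port 51514 ssh2
Dec 12 02:16:10 web01 sshd[1310]: Failed password for alice from 198.51.100.23 port 51520 ssh2
Dec 12 02:17:00 web01 CRON[1400]: pam_unix(cron:session): session opened for user root
EOF
}

# Reads a log on stdin and prints "<count> <source>" for every source with at
# least $1 failures (default 3), highest count first.
failed_logins_by_source() {
  local threshold="${1:-3}"
  awk -v min="$threshold" '
    # Only sshd password failures. The line always ends with
    # "from <addr> port <n> ssh2", so the address is taken relative to the
    # end of the line; the username earlier in the line is client-supplied
    # and may itself contain the word "from".
    / sshd\[[0-9]+\]: Failed password for / &&
    $(NF-4) == "from" && $(NF-2) == "port" {
      hits[$(NF-3)]++
    }
    END {
      for (src in hits)
        if (hits[src] >= min) print hits[src], src
    }
  ' | sort -k1,1nr -k2,2
}

# Demo on the constructed sample. On a real host, feed the live log instead:
#   failed_logins_by_source 5 < /var/log/auth.log
sample_auth_log | failed_logins_by_source 3
```

The fourth sample line is the edge case: a parser that takes the first word after "from" would attribute it to 10.0.0.1 instead of 203.0.113.5.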

 

 

These scripts not only streamline routine tasks but also enhance security, improve compliance, and save time for IT admins. By incorporating these into a central script library, IT teams can respond quickly to operational and security needs.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About VRX
VRX is a consolidated vulnerability management platform that protects assets in real time. Its rich, integrated features efficiently pinpoint and remediate the largest risks to your cyber infrastructure. Resolve the most pressing threats with efficient automation features and precise contextual analysis.

2023 A year of achievements and transformations at Pandora FMS!

On this exciting journey, we celebrate the successes of our team over the course of an incredibly productive year. From solving 2677 development tickets and 2011 support tickets to spending 5680 hours on projects and operations, each metric represents our shared dedication and success with our valued customers, which are the engine of our growth. 

We reinforced our commitment to security by becoming an official CNA in collaboration with INCIBE (National Cybersecurity Institute of Spain). This prestigious achievement placed Pandora FMS, Pandora ITSM and Pandora RC as the 200th CNA worldwide and the third CNA in Spain. Our recognition as CNA (Common Vulnerabilities and Exposures Numbering Authority) means that Pandora FMS is now part of a select group of organizations that coordinate and manage the assignment of CVE (Common Vulnerabilities and Exposures), uniquely identifying security issues and collaborating on their resolution.

During this year, we experienced an exciting brand unification. What started as Artica at Pandora FMS has evolved into a single name: Pandora FMS. This transition reflects our consolidation as a single entity, reinforcing our commitment to excellence and simplifying our identity.

Globally, we excelled at key events, from Riyadh’s Blackhat to Madrid Tech Show. In addition, we expanded into new markets, conquering China, Cameroon, Ivory Coast, Nicaragua and Saudi Arabia.

We evolved eHorus into Pandora RC and transformed Integria into Pandora ITSM, strengthening our presence in the market. We launched a new online course platform and developed a multi-version documentation system in four languages.

We proudly highlighted the technological milestone of the year: the creation of the MADE system (Monitoring Anomaly Detection Engine), the result of our collaboration with the Carlos III University of Madrid. Presented at the ASLAN 2023 Congress & Expo in Madrid, MADE uses Artificial Intelligence to monitor extensive amounts of data, automatically adapting to each management environment. This innovation sets a radical change in monitoring by getting rid of the need for manual rule configuration, allowing the adaptation to data dynamics to be fully autonomous.

This year was not only technical, but also personal. From the fewest face-to-face office hours in 17 years to small personal anecdotes, every detail counts.

Let’s celebrate together the extraordinary effort and dedication of the whole team in this new stage as Pandora FMS! Congratulations on an exceptional year, full of success in every step we took!

About PandoraFMS
Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes.
Of course, one of the things that Pandora FMS can control is the hard disks of your computers.

7 Cybersecurity podcasts to check out in 2024

The top cybersecurity podcasts today 

The world of cybersecurity is complex and constantly changing. For experts, beginners, and everyone in between, cybersecurity podcasts are a valuable source of knowledge.

In 2024, cybersecurity podcasts have become more varied and informative than ever. They provide insights, stories, and analysis for all levels of interest and expertise.

These podcasts explore various topics, from cybercrime mysteries to high-level digital security strategies.

Explore with us the seven best cybersecurity podcasts of this year, each bringing unique insights and crucial information in this field.

Darknet Diaries

‘Darknet Diaries,’ hosted by Jack Rhysider, explores the lesser-known aspects of the digital world.

Since its start in September 2017, the podcast has gained popularity for its in-depth cybercrime stories. Rhysider’s expertise in security engineering and SOC experience enriches each episode.

Listeners are drawn to ‘Darknet Diaries’ for its investigative style and insights into pen-testing. The podcast’s clear explanations and expert guests make complex subjects understandable. It’s an engaging and informative podcast, appealing to both IT professionals and the general public.

Hacked

‘Hacked’ explores how technology impacts our lives in unexpected ways.

This biweekly podcast shares stories about technology mishaps and cybersecurity, narrated with skill and insight. Since October 2015, it has attracted a loyal audience, reflected in its strong Spotify rating.

Jordan Bloemen adds narrative flair and creative expertise to the podcast. Scott Francis Winder contributes strategic insights from his experience in a leading creative agency. Their conversations turn technical topics into engaging, understandable stories, blending cybersecurity news with light-hearted elements.

Security Now

‘Security Now’ stands out with the expertise of Steve Gibson and Leo Laporte in computer security. Steve Gibson’s over fifty years in programming have significantly shaped the cybersecurity industry. His notable work includes creating light pen technology and founding Gibson Research Corporation. Leo Laporte brings a wealth of knowledge from his long career in tech shows since 1991.

Launched in August 2005, this podcast is likely one of the oldest broadcasting in cybersecurity. It covers a broad range of tech events and security challenges, appealing to diverse listeners.

On a side note, all the transcripts of their shows are available on their old-school website for those who prefer reading.

CyberWire Daily

‘CyberWire Daily,’ produced by the CyberWire team, provides daily updates on cybersecurity. Since December 2015, it has become a trusted source of global cybersecurity expertise. Host Dave Bittner, who is experienced in digital media, makes complex cybersecurity issues understandable.

CyberWire, the creator of the podcast, started in September 2012 and is known for impartial, comprehensive cybersecurity coverage.

The podcast features a daily news format and special segments like ‘Career Notes,’ highlighting cybersecurity professionals’ paths, and ‘Research Saturday’ to discuss new studies.

Smashing Security

‘Smashing Security,’ with hosts Graham Cluley and Carole Theriault, has been discussing cybersecurity weekly since December 2016. Cluley, a pioneer in antivirus development and a respected blogger, has influenced cybersecurity for decades. Theriault, who started the Sophos Naked Security site, now directs a digital media company.

The podcast stands out for its engaging and conversational approach, often featuring interesting guests. Cluley and Theriault simplify cybersecurity topics, making them enjoyable and easy to understand.

They provide additional resources for listeners who want to explore topics more deeply.

‘Smashing Security’ combines expert knowledge with an accessible style.

Cybersecurity Simplified

‘Cybersecurity Simplified,’ a monthly podcast since January 2021, features hosts with extensive experience in the field. David Barton, a CTO and CISO with over twenty years in cybersecurity, shares his practical expertise. Susanna Song brings her 15 years of experience in journalism and communications, adding clarity and engagement to the podcast.

Each episode, under 30 minutes, simplifies online safety in a way everyone can understand. They focus on current cybersecurity news and trends, and Barton shares practical strategies from his CTO experience.

As one of the most accessible cybersecurity podcasts, ‘Cybersecurity Simplified’ is known for its blend of security experts’ analysis and clear explanations, ideal for understanding digital safety.

Risky Business

‘Risky Business’ isn’t the 80s movie with Tom Cruise, but a long-running show that has been making waves since February 2007. The podcast, led by an experienced team, covers everything from technical details to emerging trends. Regular guest hosts add diversity and new perspectives to the discussions.

Listeners tune in for credible news and thoughtful analysis. They love the depth of expertise and the engaging storytelling style.

Praised for its common-sense style and balanced discussions, ‘Risky Business’ is both educational and accessible.

About NordLayer
NordLayer is an adaptive network access security solution for modern businesses – from the world’s most trusted cybersecurity brand, Nord Security.

The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.

The Cybercrime Season

As the festive lights begin to twinkle and the holiday season approaches, there is a not-so-jolly phenomenon lurking in the digital shadows: the annual boom in cybercrime. The 2022 holiday season witnessed an alarming 550% increase in unique threats, painting a concerning picture of the cyber threatscape. Cybercriminals around the world are capitalizing on the holiday rush, leaving a trail of financial losses, fraud and compromised cybersecurity in their wake.

Counting the Cost

The financial loss from cybercrime during the holidays is staggering. In the UK alone, shoppers lost a jaw-dropping £10.6 million ($13 million) during the 2022 festive season. Norton’s 2022 findings reveal that about one in three adults (34%) in the U.S. are taking more risks with online shopping as the holidays draw near, echoing a global trend where 32% of adults admit that they are more lax about online security during the festive season.

Why Cyber Attacks Surge During the Holiday Season

Festive Mood: The holiday season brings a range of emotions, from joy to stress. People may be more susceptible to cyber threats when they are distracted or emotionally charged, making them an easy target for phishing attacks.

Holiday Shopping Season: The holiday season sees a significant increase in online shopping as people search for the perfect gifts. Cybercriminals are capitalizing on this surge using tactics such as creating fake online stores, phishing emails, and malicious links.

Travels & Public Networks: With many people traveling during the holidays, the use of unsecured networks and devices has become prevalent. Cybercriminals exploit vulnerabilities in public Wi-Fi, compromising the security of those transmitting sensitive information while on the go.

Holiday Edition Scams: Scammers, hackers, and criminals are taking advantage of the goodwill surrounding the holidays by launching fake charity websites or gift cards and fraudulent travel offers to exploit people’s generosity and trust.

Social Media Sharing: Holiday travels or family celebrations are often shared on social media. Cybercriminals may use this information to craft targeted attacks, such as phishing attempts or account takeover schemes.

Most Common Types of Holiday Season Attacks


Phishing:

Cybercriminals are sending deceptive emails, messages, ads or links designed to look like holiday communications, impersonating legitimate entities to trick users into disclosing sensitive information.

Ransomware:

Companies face increased vulnerability to ransomware attacks during the holiday season. The need to maintain uninterrupted operations and secure them during the busy season often makes companies more willing to pay the ransom as the potential loss of valuable data and the risk of operational disruptions become increasingly untenable.

DDoS Attacks:

Distributed Denial of Service attacks surge, targeting sites, organizations and online services to overwhelm them and disrupt their normal functioning. This leads to frustration among both employees and customers and causes a significant impact on both revenue and productivity.

Account Takeover (ATO):

During the holiday season, many factors cause people to pay less attention to their digital hygiene. This helps cybercriminals gain unauthorized access to user accounts by exploiting compromised credentials for various malicious activities.

 

Recommendations to Reduce Cybercrime Risks

  • Stick to well-known and reputable online retailers to minimize the risk of consumers falling victim to fake websites.
  • Enable two-factor authentication (2FA) whenever possible to protect your accounts from unauthorized access.
  • Regularly update antivirus and security software to stay protected against the latest threats.
  • Avoid entering sensitive information anywhere when using public Wi-Fi, especially when traveling.
  • Before making donations or taking advantage of holiday deals, verify the legitimacy of the company, its website, and the offer itself to avoid falling for scams.
  • Proactively safeguard yourself against malicious websites, phishing attempts, and harmful content using web filtering that blocks access to dangerous resources and provides one more layer of security.
  • Educate yourself and stay informed about common cyber threats and scams to recognize and avoid potential risks.

By understanding the reasons behind the increase in cyber attacks, recognizing specific threats, and implementing recommended security measures, you can protect yourselves from the Grinches of the cyber world.

Let’s celebrate the holidays with joy, warmth, and a commitment to protecting ourselves and our digital cheer.

About SafeDNS
SafeDNS breathes to make the internet safer for people all over the world with solutions ranging from AI & ML-powered web filtering, cybersecurity to threat intelligence. Moreover, we strive to create the next generation of safer and more affordable web filtering products. Endlessly working to improve our users’ online protection, SafeDNS has also launched an innovative system powered by continuous machine learning and user behavior analytics to detect botnets and malicious websites.

MSPs putting a stop to “hide and seek” within their environments with ESET Cloud Office Security

Amidst increased obfuscation of multistage malware attacks, MSPs need an effective way to secure cloud communication while avoiding the need for multiple unique network connection authorizations.

The days of simple and easily detectable malware are long gone. Recent campaigns by both OilRig and MuddyWater advanced persistent threat (APT) groups show that threat actors are constantly seeking new ways to hide their multistage malware attacks among files of commonly used cloud services. 

This presents a dilemma for managed service providers (MSPs) that rely heavily on cloud-based solutions. But how should MSPs defend against increasingly sophisticated attacks without the burden of trying to control every single stream of communication within the MSP environment?

A growing market and a growing threat

With the never-ending hunger for cloud-managed services, it is no surprise that the MSP market is constantly expanding, and business reports, such as MarketsandMarkets, expect further growth by around $100 billion U.S. dollars within the next five years.

Both MSPs and other outsourced business practices have proven to be the answer for countless companies seeking high-end solutions for reasonable prices. But there are two sides to every coin. Professional communications, services, and shared files all moving to the cloud has created a new breeding ground for sophisticated malware.

Threat actors deploying this malware are often profit-driven and/or state-sponsored APT groups using command-and-control (C&C) servers to communicate with compromised devices over targeted networks. When successful, these servers can issue commands to steal or encrypt data, spread malware, disrupt web services, and more.

To enable this approach, APT groups need to establish persistence within the targeted businesses, obfuscating malicious files and processes among legitimate ones.

A draft email you’ll never send … nor ever even wrote

ESET researchers have described recent attacks in detail while following the evolution of campaigns run by the OilRig group.

To avoid cybersecurity scanning tools, OilRig has not been deploying fully fledged malware but, instead, has scaled its attacks. While the initial attack vector of the recent campaigns remains unknown, presumably it was a phishing email. This email would contain a downloader that wouldn’t cause any specific damage but, as the name implies, is designed to secretly download additional malware from the internet. Several versions of these downloaders have been documented by ESET researchers.

Studying these downloaders, it is clear that OilRig is keenly focused on identifying new ways to obfuscate malware deployment using legitimate cloud service providers for C&C communication.

The first in the series, the SC5k downloader, uses a shared Microsoft Exchange email account and the Microsoft Office Exchange Web Services API for C&C communication. Within this email account, the attackers create draft messages with hidden commands. Once the downloader infests a device, it will log in to the same account to receive both the commands and the payloads to execute. Its successor, OilCheck, works similarly but uses the Outlook mail API in Microsoft Graph.

New versions of OilRig downloaders, ODAgent and OilBooster, communicate using the Microsoft Graph OneDrive API. They access a OneDrive account controlled by the attackers for C&C communication and exfiltration.

The evolution of malware-hiding capabilities was also recently noted in the case of another APT group linked to Iran, called MuddyWater.

In a separate MuddyWater campaign, described by DeepInstinct, the APT group reused previously known remote administration tools and hid them in the cloud-based content management system (CMS), called Storyblok, to host archives with compromised files.

ESET to help deal with the dilemma

The hiding capabilities of present-day C&C attacks have pushed businesses toward higher control over their network traffic. From standard network monitoring, it can go as far as individually authorizing any network connection.

However, the higher the control, the higher the workload on MSP admins and technicians who are already drained from a never-ending stream of alerts. So what do businesses choose: strict control that comes with alert fatigue or lower security standards that can result in a data breach?

With its MSP Program, ESET can help businesses deal with this dilemma. The program is based on the ESET PROTECT solution, which provides multilayered protection, and its higher tiers also integrate ESET Cloud Office Security (ECOS), which is designed to protect Microsoft 365 and Google Workspace applications.

ECOS — effectiveness in numbers*

  • 750,000 email threats detected
  • 360,000 phishing emails blocked
  • 21 million spam emails captured

*7-month period in 2023

In fact, these ESET security solutions can disrupt the described C&C processes at several stages, which means that companies don’t have to focus on network control as much.

Anti-phishing protection

Though the initial attack vectors of OilRig and MuddyWater campaigns are unknown, both APT groups have successfully kicked off their campaigns with phishing emails in the past. ECOS prevents users from accessing web pages known for phishing once they click on the phishing link in the email.

Antimalware protection

ESET’s defense against malware eliminates all types of threats. Moreover, ECOS scans all new and changed files in OneDrive, Google Drive, Microsoft Teams, and SharePoint Online.

ESET LiveGuard Advanced

If ESET malware detection engines detect a never-before-seen type of threat, they pass the file to the ESET cloud-based sandboxing tool ESET LiveGuard Advanced for further assessment.

Multi-tenant

ECOS multi-tenant functionality allows you to protect and manage multiple Microsoft 365 and Google Workspace tenants from one ESET Cloud Office Security console.

Conclusion

The growth of cloud-based business practices has ushered in cloud-based cyberattack tactics that MSPs need to deal with. And the results can be dire. With their privileged access to business networks, compromised MSPs can also be dangerous for their clients by triggering a supply chain attack.

The good news is that you don’t need to face those threats alone. Since its foundation in 1992, ESET has developed a robust multilayered defense system capable of stopping C&C attacks at different stages and much more. ESET solutions are also available for MSPs as a part of the ESET MSP Program. Don’t be the weak link in supplier relationships. Be the strongest. 

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.
