Cisco just released a vulnerability list for the ASA’s. Read more
Reading 10/8/14
The SANS Stormcast mentioned the Cuckoo Sandbox for malware research, so I took a few minutes and checked it out. Based on the About and FAQ pages, this looks like a VM style sandbox to document what malware is actually doing to a Windows machine. How it works – I don’t know as I went tl;dr on it. If you are interested in malware forensics, this bad boy might be just what you needed. Read more
Reading 10/7/14
Scheduled Tasks: 0x80090016: Keyset does not exist. – One of my 2003 servers decided to go stupid on my scheduled tasks…yes I know I said 2003. Easy fix – just watch that you reset the task’s user account info. Read more
Anonymous announces #OpRemember – Primary target Financal Sector
FYI – Anonymous announced #OpRemember, which appears to be in recon mode right now. The financial sector, government, biotech (Monsanto), and what I assume are organizations responsible for putting Fluoride in water/products. Read more
Reading for 10/6
SANS ISC StormCast – mention of two new NMAP diary entries which I want to look into more. Read more
Reading for 10/3/14
As is the case lately, I’m far too busy to observe “f*** off Friday,” where I try to limit operational work and focus on learning something new. Next week I hope to bring this back in play. As usual, work got in the way and I couldn’t get my newsfeeds done until the end of the day. Hope someone finds anything here useful.
Reading for 10/2/14
The day started with today’s SANS ISC StormCast.
WSUS Reporting with Powershell & WSUS automatic E-mail reports HOWTO – I’m attempting to automate my daily processes, so getting an email from WSUS telling me who needs patches is great. Now to find the time to set it up! Read more
Configuring my System i for Kerberos authentication against two AD Domains
I spent a couple days this week attempting to get my two System I’s to authenticate against the AD domain we are going to. I thought it would be easy, but as with most things IBM it wasn’t. My biggest hurdle was getting the AS/400’s to talk AES to the new Windows 2008 R2 domains. Read more
Bash patches from major vendors
Not much meat to this one, just a list of links to major products that are affected by ShellShock: Read more
Things I read today…
I know the title is rather boring, maybe I will think of something more exciting later. I thought it might be worthwhile to share what I read in regards to information security today, and more importantly why. We infosec professionals read so many blogs, newspapers, and articles today that I’m surprised we read anything for pleasure. Hopefully this helps someone, or at least gives me a reference back to something cool I read later on. Read more