The Number 1 reason is: “We do not do an adequate job of patching and paying attention to security!” Again and again we can find reports and stories of entities not doing basic tasks: Above image is from Protiviti report Why are the basics not being done? Because a concerted effort to manage IT … Read more
From WSJ article On May 7th hackers were able to shut down a number of city of Baltimore computers. They demanded $100k worth of bitcoins to release their stranglehold. On this day that is about 13 Bitcoins (value of Bitcoins fluctuates). So Baltimore is refusing to pay as they should. The ransomware the hackers used … Read more
Is your Windows10 version obsolete already? there are many versions of Windows10 and it depends on when it was released, example – the first one version 1507 released July 2015 has a end of service date of May 9, 2017. The problem is every software manufacturer Can’t or doesn’t keep releasing vulnerability updates forever. The … Read more
I needed to run OpenVAS (OpenVAS stands for Open Vulnerability Assessment System) the Linux based vulnerability management software on a virtual machine, which means it does not have its own monitor that one sits at to see this screen: OpenVAS is made by Greenbone, “which develops OpenVAS as part of their commercial vulnerability management product … Read more
There are 12 pieces to PCI compliance, let’s list them and find if they are applicable, or if we can minimize our attention. first of all it is not a major point in the standards, but creating an inventory of devices is paramount in becoming PCI compliant. Being compliant will also be easier for you if … Read more