Inward Turn

In the wake of the attack on Sony Pictures in the U.S., many are trying to validate the government’s claim that it was a hack perpetuated by North Korea. If this is true it is the first highly public incident involving state-sponsored cyber espionage, and there will likely be more in the future. The incident […]

Fixing Weak SSL the Easy Way

 IIS Crypto is a great free tool produced by Nartac Sotware that allows Windows Server/IIS admins to easily enable/disable weak SSL cryptos and ciphers. This is a PCI requirement, and I’ve seen it show up on many scan using tools designed to probe for compliance. It’s usually a tedious process of adding/changing registry keys, right […]

Auditing By The Seat of Your Pants

Whenever you’re stuck in a small shop with a limited budget, it can be pretty hard to find a good, inexpensive application that can do five things: Port scanning Vulnerability scanning Some kind of patch level detection Wrap everything up into reporting that can show all the results by machine. Doesn’t cost an arm, leg, […]