Information Security Blogs



by: Ryan Strayer

New Password Standards? Not so Fast!

Passwords… it's no secret; most of us are really bad at creating and maintaining passwords. In fact, 81% of hacking-related breaches leveraged either stolen or weak passwords. But unfortunately, passwords won't go away any time soon. Almost every ....Read More...



by: Greg Peterson, CEH

Bad Kitty

How Mimikatz is used to exploit your network and what you can do about it. For this blog post I wanted to highlight a common attack vector that we often use in our penetration testing. My goal is to run through the process at a high level, and then cover some of the steps you can take to mitigate your risk. Specifically, this post will cover a memory scraping utility known as Mimikatz. Mimikatz has been out in the wild for roughly five years now....Read More...



by: Dave Kelly, CEH

Saying Goodbye to NetBIOS

NetBIOS (Network Basic Input/Output System) was created in the early 1980s, but is surprisingly still alive and well on many networks today. Microsoft Windows still uses it for its name resolution function (often by default), when....Read More...



by: Ryan Strayer

TOP 5 LAPTOP SECURITY TIPS

Today's mobile workforce has generated the awareness and subsequent need for mobile security like never before. As data growth increases, the requirements set forth in new laws and regulations also demand that organizations demonstrate due care in protecting sensitive customer data....Read More...



by: Jeremy Johnson, CISSP

Penetration Test vs Vulnerability Assessment

Some say Potato, some say Tomato. The term Penetration Test has been thrown around a lot in the Information Security industry. Some vendors and institutions use the term Penetration Test interchangeably with Vulnerability Scan or Assessment, when in fact, the two define very different scopes, methodologies, and deliverables. The recently updated FFIEC ...Read More...



by: Stan Skwarlo, CISA, CISSP

Cyber Security Baselines and Anomaly Detection

Baselining and anomaly detection are security concepts that have been around for quite a while; recently, however, both have received renewed interest. This new attention stems from increased regulatory focus on incident response and from the fact that in today's cybersecurity world it's no longer a question of "if" but "when." Cyber-attacks have evolved to the point where they can pass through technical defenses, blend into an environment and remain undetected as long as...Read More...



by: Jim Baird, CBCP

Incident Response!

Incident Response Plans (IRP) have been expected by banking regulators for years. But with the ever-increasing threats of cybercrime, malware, breaches, ransomware, etc. the expectations have morphed into having a far more robust, comprehensive, cyber-ready, and tested IRP. Further, the FFIEC Cybersecurity Assessment Tool devotes an entire Domain to the topic (Domain 5: Cyber Incident Management and Resilience). Consider the following next time you .....Read More...




by: Jeremy Johnson, CISSP

Sometimes, the Patch is Only the Beginning

Not all patches work out of the gate. Anyone who has been responsible for patch management knows that it is a never-ending cycle of download, test, patch and repeat. What is often overlooked, unfortunately, is that sometimes, even when a patch is applied, the vulnerability it is supposed to fix isn't always fixed…not right away at least.....Read More...




by: David Matt, CEH

Recommended Audit Policy Settings

The following recommended settings are based on Microsoft and industry best practices. Note that these settings are ....Read More...




by: David Matt, CEH

Eliminating Local Administrative User Access Requirements in Your Environment

Back in the Windows 95/98 days, Windows had no file system security, and users always had full control of their systems. With the advent of Windows NT/XP, granular access controls and limited....Read More...



by: Bill Brock

IT Security Assessment Bids
The Good, The Bad and the Ugly

Tips, tricks and shortcuts for evaluating vendors of independent IT security assessment. This information will help you better understand the bid in front of you and some possible outcomes as you work to shorten the stack of vendors.....Read More...



by: Phil VanMeerhaeghe, CISSP

Finding Weakness in Today's Networks

Evaluating the security of an internal network environment can be accomplished several ways. We routinely field a number of questions about internal network security assessments. A few of the most common questions.....Read More...



by: David Matt, CEH

EMET, the security tool you haven’t heard about.

Microsoft’s Enhanced Mitigation Experience Toolkit, or EMET, is a free security tool that has been around for some time, but outside of a few circles, it hasn’t received the attention.....Read More...



by: Jeremy Johnson, CISSP, MCSA

Exposed Management Consoles - A look at Microsoft Exchange

In most organizations where we find Microsoft Exchange, we find Outlook Web Access (OWA) open to the internet. Generally, external access to OWA and ActiveSync is allowed when mobile users are accessing Exchange email. This is all hosted using Microsoft's Internet Information Services (IIS). What many administrators may not realize .....Read More...



by: Greg Peterson, CCSE, CEH

Going Next Level (Firewalls)

The shape of the internet as we know it is constantly changing and evolving to meet the growing demands of business and entertainment. This constant growth, however, has added levels of complexity to Information and Network Security, which can lead to complex and mismanaged network environments. One of the newer products to hit the Security scene that is hoping to help reduce those .....Read More...



by: Scott Burkhart, GCFA, GCIA, MCSE

Memory Acquisition Tools

Combating today’s advanced malware requires skill and an advanced toolset. The most common incident response procedure that we see in smaller organizations is to identify infected machines and simply run malware scanners (Malwarebytes, Spybot, etc...) until the scan comes back clean. This “scan until clean” mindset often results in repeated infections and gives the organization a false sense of security. Malware scanners suffer from .....Read More...