One of the most frequent problems people ask me about when doing a health check on their vulnerability management program is duplicate assets in Qualys. If you simply run the tool with the defaults, it is definitely possible to end up with duplicate assets. But with a few configuration changes, you can mostly eliminate this problem.
The Cyber Kill Chain, developed by Lockheed Martin, and Mitre ATT&CK (pronounced “attack”), are frequently compared, for obvious reasons. Both of them describe how adversaries attack computer networks. So when it comes to Cyber Kill Chain vs Mitre ATT&CK, which is better? It depends who’s asking.
I used to have and recommend a tool for updating all your third party software on Windows machines. Unfortunately that tool went end of life several years ago. But Microsoft, of all people, has a tool that works suitably. Usage is similar to apt or yum on Linux. It’s called App Installer, and at the command line, it takes the form of the command winget.
App Installer is a free tool that updates what Windows Update won’t. That means open source apps, but also some third party apps, and even some difficult-to-update Microsoft apps, like the Visual C++ runtime. It is capable of updating more than 3,000 apps.
Read More »Update Windows third-party utilities semi-automatically
I was downloading from a very intermittent webserver and the download kept quitting less than 80% in. And if my timing wasn’t perfect, the web browser wouldn’t resume it. Then I thought to try to resume my downloads with wget.
wget is a command line tool for Linux, other Unix-like operating systems, and Windows. It is good for resuming downloads and automating other tedious tasks.
The safety of open source software is a question that comes up periodically from time to time. Let’s talk about why the question keeps coming up, and what’s different about open source software versus closed source software.
The main thing that can get you when it comes to the safety of open source software is anything but obvious. Hint: it isn’t the development model.
The recent Log4J vulnerability brought increased attention on 0 day attacks, but it’s a question that never really goes away. How common are zero day attacks?
Zero day attacks are less common than they seem because attackers don’t understand them as well as less exotic attacks. Managing those less exotic vulnerabilities is a real challenge for many organizations, but it’s something they must get a handle on to defend themselves effectively.
If you work in IT or security, you are pretty much expected to know what a user story is. That can be a problem if your background is not in software development, or if your education or background predates the agile software development model. So what is a user story and how do you write one?
User stories are similar to milestones in project management. That was how it was first explained to me. But you don’t write a user story quite the same way that you would write a milestone in project management. The other thing is mixing the two can lead to miscommunication. I was once involved in a meeting where a manager insisted on using user stories, because he had been a software developer, but this wasn’t a project involving software development. So nobody else knew what he was talking about.
User stories are a product management or software development tool. They aren’t something everyone knows.
Sometimes, if you get a new device, or if you connect to a network you’ve never connected to, you can receive a message that says your Wi-Fi is not secure. Why does my wifi say not secure? Here’s why, and also why you shouldn’t ignore that message.
That message got your attention, didn’t it? It’s designed to get your attention. And it’s really easy to dismiss it as being alarmist. People have a tendency to either greatly overestimate or underestimate how much interest someone might have in attacking them. Especially if I tell you that the security that you’re getting a warning about has much more to do with privacy than it does with viruses. That message does not mean that this network is any more or less likely to infect you with a viruses.
But you need to do something about it when you see this message. First let me tell you why, then I will tell you what you need to do.
Over the weekend of Nov 13, 2021, the FBI acknowledged unauthorized emails coming from a legitimate FBI email address to about 100,000 organizations warning them about ransomware. It appears to be the work of a self-styled white hat hacker, or security researcher.
I am a security professional. I am going to remind everyone that these are not the opinion of my current or any former employer. I have strong opinions on the, and those opinions are incredibly unpopular among security professionals. They may or may not agree with me privately, but agreeing with me publicly is not a great idea.
It is important to know how to distinguish between a private vs public IP address. IT professionals and security professionals frequently have to work with them, and it is a very common job interview question, and certification question. Here are the ranges of private IP addresses, and why we need them.