I recently encountered a case with one of my clients that demonstrated the true value of having an effective information security training program which includes regular social engineering tests. Sure,… read more →
Check out autoenum, our new Nmap automation script which we recently released on the ISAudits GitHub page: https://github.com/isaudits/autoenum Performs an initial Nmap scan to detect live hosts for enumeration and… read more →
Late last week, a critical vulnerability (CVE-2014-6271) affecting many Unix-based systems, including Linux variants and Mac OS X, was discovered which, in certain circumstances, allows remote code execution on affected systems.… read more →
Last Tuesday, Microsoft released MS14-045 to patch several local privilege escalation vulnerabilities associated with the Windows kernel. Unfortunately, soon after the release, reports of the dreaded blue screen of death… read more →
More often than not, network administrators will respond to the question “do your users have local administrator access to their workstations” with “yes, because software vendor XYZ requires it in… read more →
Great blog post by Safe Systems’ Matt Gunn with guidance on selecting IT auditors and penetration testers with contributions by IS Audits’ own Matt Jones as well as TrueSec Consulting’s… read more →
In January, Apple detected a flaw in its iOS (iPhone, iPad, etc.) and OS X operating systems which would allow an attacker to view encrypted data streams via man-in-the-middle attack or… read more →
During the course of the year, we conduct over thirty IT general control reviews for financial institution clients. During the performance of these engagements we note many findings and observations… read more →
Let’s face it – Microsoft may get a bad rap sometimes. Many Mac and *NIX aficionados will quickly assert that their system of choice is much more secure than any… read more →
The FDIC released FIL-56-2010 on September 15, 2010, describing the risk posed by sensitive information stored on electronic devices, such as photocopiers, fax machines and printers, and how financial institutions… read more →