Category: Uncategorized

  • Initial Review of Changes from CMMC v0.6 to v0.7

    This is a first look at the changes in the v0.7 draft of the CMMC that was released today. We are also hosting a copy here. The sha1 checksum of both versions should match: 2170d92d043be87a7f646c2aaf426cfc89a8453 First, three appendices have been added. APPENDIX C. CMMC LEVEL 2 DISCUSSION AND CLARIFICATION APPENDIX D. CMMC LEVEL…

  • Cybersecurity Maturity Model Certification (CMMC) Readiness

    Is your organization ready for the Cybersecurity Maturity Model Certification (CMMC) requirement that will start going into contracts in September 2020? Although the accreditation body for the CMMC is still under development, it is expected to be established in January 2020 with certifications beginning to occur around April or May 2020. Clients who undertake the…

  • Graylog API Query Results to CSV

    I thought I would post this quick bit because it took me a while to figure out how to use the Graylog API to run some of the same searches that I’ve built dashboards on or use on a regular basis. There is still some refinement to do on the authentication piece, and maybe some…

  • Acquiring API Keys for recon-ng – Flickr API Key (flickr_api)

    I wrote a brief guide for this since I just had to do it and the Recon-ng Usage Guide has this one listed as TBD. Cheers! Create a Flickr account at https://www.flickr.com/signup. Apply for an API key at: https://www.flickr.com/services/apps/create/apply/ and select APPLY FOR A NON-COMMERCIAL KEY. Enter the name of your app, say “My_Username_RNG_app”. Enter…

  • Phishing for “2017 Outlook Web Access”

    A Well Done Phishing Attempt. Today I received this fairly well done phishing attempt about a “2017 Outlook Web Access” migration. The landing page presents an OWA login screen. The body of the email uses some somewhat convincing language to try to get the recipient to feel a sense of urgency, panic,…

  • IPv4 hosts not being discovered in Cisco Firepower Management Center 6.2

    I wanted to document a recent issue that I encountered with a Cisco Firepower implementation. The configuration is a pair of Cisco ASA 5545-X firewalls running the Firepower Services Modules and managed by the virtual edition of the Firepower Management Center. All elements were running 6.2.0 images. The network was a very straightforward inside/outside configuration. Initially,…

  • How Much Bandwidth Does SNMP Monitoring Consume?

    ICMP and SNMP traffic is not insignificant or negligible. I recently had the question come up about how much bandwidth SNMP monitoring consumes. I did some cursory searching of the web and found that others had posed the same question. Unfortunately, many responses simply said that ICMP and SNMP traffic is insignificant or negligible. In my case,…

  • Importance of Securing Domain Administrator Accounts

    If you work in Information Technology already, securing Windows Active Directory Domain Administrator, or Domain Admin, accounts may seem like an intuitive thing to do. It does to me; however, I’ve discovered that oftentimes this understanding is not widely held outside of the IT community. I wanted to write this post to frame…