Every time a critical vulnerability is discovered, I often get the question “how am I impacted?” The challenge is this: even if you have a vulnerability management toolset (Nessus, Qualys, etc.), you may not see the entire picture of what is impacted. There could be many reasons for this such as permissions …
Previously, I would check the following registry location for Office updates: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall. There are entries something like: {90140000-0011-0000-0000-0000000FF1CE}. I would then use a reporting tool to look for this to identify where Office updates are installed. (LANSWEEPER is a great tool for this kind of reporting.) Recently I needed to do this for an Office …
Had this issue tonight where a Windows 2008 R2 server could not log on after being removed from the domain. Not sure if this was due to a recent update, as we have had lots of issues with that in the last week. I thought it would be good to share the fix I found to …
NETSYNTROPY – Mission statement: Our goal is to provide a complete, simple-to-implement solution to solve for information security. Many large companies have security operations centers, an operational security response team, with large budgets and many layers of process, technology and end-user training. At NETSyntropy we aim to provide a combination of information …
I ran across this issue again (figured it was due to the media not being available) and decided to document the resolution. When trying to add the .NET Framework 3.5 feature through the Add Roles and Features Wizard in Server 2012 (R2), you receive the following error: Do you need to specify an alternate source …
This article is the reason why I do not fully trust Android phones. All of us need to be wary of cheap tech; you never know what will come bundled with affordable technology. https://krebsonsecurity.com/2016/11/chinese-iot-firm-siphoned-text-messages-call-records/
If you have a Windows 2012 server that seems to need rebooting from time to time and goes unresponsive, you may want to consider downloading RAMMAP and seeing if the “Metafile” is quite large when the server has been on for some time. This can happen on file servers with a lot of activity …
Over the years I used Wireshark to capture packet traces on Windows devices. It did the job and for the most part was an invaluable tool. Until, that is, I had the need to capture packets over a period of time, usually when troubleshooting an intermittent network problem. Just when I needed the tool to …
After hearing of complaints of poor application performance for one of my client's Healthcare Referral systems, I started looking into the underlying infrastructure only to find that there was no smoking gun. I ran some queries to see how the memory was being consumed by MSSQL, since Task Manager pretty much just shows allocation, not …
Are you involved in an incident response engagement and need some free tools to complete your job? I have had good luck with the Volatility Framework used in conjunction with hibernation of the suspect endpoint. The Volatility Framework is a collection of tools, implemented in Python under the GNU General Public License (GPL v2), for the …