Archive by Author

GA SB315 – Rendition Infosec’s thoughts

Rendition Infosec has been in lock step with other cybersecurity companies being vocal in our opposition to GA SB315, an extremely flawed piece of legislation that will likely hurt cyber security organizations that operate in GA. The bill itself is extremely poorly worded and leaves much to the discretion of prosecutors and judges. For instance, […]

Hacking back – is it the right move?

Today, the New Yorker published an article on hacking back. Many clients ask us about hacking back and we regularly tell them it’s a bad idea. When we press them for what the goal of the hacking back is, they can’t articulate what value it is likely to provide (other than making them feel good). […]

New Windows 7 and Server 2008R2 out of band patch

Microsoft usually only issues patches on the second Tuesday of every month (so-called “Patch Tuesday”). However, when there is a vulnerability that is being exploited in the wild (or is likely to be) Microsoft may issue an out of band patch. That’s exactly what happened yesterday. The vulnerability being patched was introduced when Microsoft patched […]

Rendition Infosec and Cybereason to hold joint webinar 5/9/2018

THE EVOLVING CYBERSECURITY LANDSCAPE A WEBINAR WITH RENDITION INFOSEC AND CYBEREASON   Webinar Description: Join Cybereason and Rendition Infosec, LLC Wednesday, May 9th, at 1:00pm EDT for a live webinar where we discuss how cybersecurity is developing as a practice.   Register Here: https://www.cybereason.com/cybereason-rendition-webinar   First, we’ll discuss the cybersecurity landscape, understanding recent trends and […]

Atlanta government was compromised in April 2017 – well before last week’s ransomware attack

Last Thursday, the City Of Atlanta suffered outages from a ransomware attack. During the press conference (recorded here), city officials indicated that they were invested in cyber security. They noted that they were working with state and federal law enforcement to resolve the incident and had even been in contact with the Secret Service. Officials […]

AlienVault OSSIM SSH Access

Today I was troubleshooting an issue and found something absolutely maddening on the default build of AlienVault’s OSSIM server. The SSH server doesn’t start up until VERY late in the boot process. lrwxrwxrwx 1 root root 27 Jun 22 2017 S01alienvault-depmod -> ../init.d/alienvault-depmod lrwxrwxrwx 1 root root 17 Jun 22 2017 S01mongodb -> ../init.d/mongodb lrwxrwxrwx […]

Top three considerations when limiting local administrator rights

Ideally we would always remove administrator rights from all users. But in the real world, we unfortunately must deal with years of technical debt and poor architecture decisions that make the complete elimination of administrator rights difficult (or financially non-viable) for many organizations. So when faced with the task of prioritizing the removal of admin […]