Recently technical guidance was released for CIOs and CISOs on how to prepare for a ransomware attack. This guide was a joint effort of multiple Federal agencies to address the growing concern of ransomware. In, “How to protect your Networks from Ransomware,” they provide some suggestions for prevention and response. We have created a checklist below to help you based on their recommendations. You can review your current polices, procedures and plans to see if you are cover

This is a book review I wrote back in 2007 for a past version of this website. I am resurrecting it because it is still applicable today. I can't recommend this book enough for system administrators. I also recommend the book last May in the context of vulnerability management here: http://www.learnsecurity.org/single-post/2017/05/09/Where-are-the-Real-Vulnerabilities Book Review: The Visible Ops Handbook If you are in Information Technology, do you spend more time on fixin

Equifax Given the nature the breach I have been tracking this is a separate blog post. So far we can determine their inventory process, configuration process, patch management, vulnerability management, data leak protection, SQL programming, incident response and crises management processes are in need of some work. http://www.learnsecurity.org/single-post/2017/09/21/Equifax-Data-Breach-News Sonic Information this far seem to indicate that Sonic was not aware of the breach an