Skip to main content
  • October 2015: Who Has Tried to Hack Us!

    Publish Date: October 13th, 2015 | Posted in Security | Last Updated

    Brute Force Attack from China Based IP Hits every few seconds from same IP so an automated attack. Adding these guys to various blacklist databases. This is what went down: $ grep “wp-login.php” –color=always /path/to/our/access.log | GREP_COLORS=”mt=0;34″ grep “” –color=always |more – – [13/Oct/2015:06:22:52 -0400] “POST /wp-login.php HTTP/1.0” 301 477 “-” “-” Many, Many […]

  • Site Security Check-up for ABC-J Corp

    Publish Date: September 28th, 2015 | Posted in Security | Last Updated

    Overview Privacy and Confidentiality Notice “ABC-J Corp” is a B2B and B2C security company. The company’s name and identity shall remain confidential and undisclosed. They have been notified of these vulnerabilities. Since you’re a security firm it is recommended that you use an extended validation SSL certificate. Like our friends at XYZ Mega Corp, you’re […]

  • Site Security Checkup for XYZ Mega Corp

    Publish Date: September 9th, 2015 | Posted in Security | Last Updated

    Site Security Checkup for XYZ Mega Corp Privacy Notice “XYZ Mega Corp” is a B2B software company. Their identity will remain confidential and undisclosed. This anonymized report has been made public since many of the issues discovered impact a most production servers. Security Assessment for XYZ Corp Heads-Up We recommend pushing updates to a staging […]

  • Security 101: The 5 Pillars

    Publish Date: September 8th, 2015 | Posted in Security | Last Updated

    Five Pillars of Information Security and Information Assurance The below list is often referred to as the five pillars of information security. However, many these tenets also apply to physical security as well. In colloquial terms these tenets or pillars of security define. The terms “data, asset, resource, and system” are often used here interchangeably […]

  • Securing SSL Against Common Exploits

    Publish Date: September 3rd, 2015 | Posted in Security | Last Updated

    SSL Security Enhancements June 2, 2015: Weak Diffie-Hellman LogJam Fix for Ubuntu 12.04 LTS Run the below commands to patch Apache for the LogJam vulnerability. The latest updates bring ECDH to Ubuntu 12.04 LTS running Apache 2.2.x. Also, the 2048-bit group for Elliptical Curve Diffie-Hellman Encryption (ECDHE) is now supported. $ sudo aptitude update $ […]

  • The Ulitmate Guide to File and Directory Permissions on Linux

    Publish Date: November 30th, 2014 | Posted in Security | Last Updated

    Introduction This article is a compilation of Linux file permissions along with related commands and explanations. Content has been compiled from online articles as well as forum posts. Where appropriate, explanations from forum posts and articles (i.e., Rackspace , Redhat, and University of Surrey) are modified to provide better clarity or to correct errors. Finally, […]