A Dissection of the “EsteemAudit” Windows Remote Desktop Exploit

A Dissection of the “EsteemAudit” Windows Remote Desktop Exploit

Summary In April, a group known as the “Shadow Brokers” released a cache of stolen information that included multiple tools to exploit vulnerabilities in various versions of Microsoft Windows. The most famous of these is an exploit tool called “EternalBlue” which was repurposed to spread the WanaCrypt0r ransomware/worm earlier this month. Another tool released in [...]

COBIT 5 and the NIST Cybersecurity Framework – A Simplified Framework Solution

COBIT 5 and the NIST Cybersecurity Framework – A Simplified Framework Solution

Picking the right frameworks to support your organization’s governance, risk, compliance and cyber security efforts is overwhelming. Do you pick the most popular framework for each area, or assemble a collection of applicable frameworks that all drive toward a common goal? There are literally dozens of frameworks to choose from, but the common underlying theme [...]