TaoSecurity Blog

CVE-2020-0688 Scan Results, per Rapid7 tl;dr -- it's the title of the post: "If You Can't Patch Your Email Server, You Should Not Be Running It." I read a disturbing story today with the following news: "Starting March 24, Rapid7 used its Project Sonar internet-wide survey tool to discover all publicly-facing Exchange servers on the Internet and the numbers are grim. As they found, 'at least 357,629 (82.5%) of the 433,464 Exchange servers' are still vulnerable to attacks that would exploit the CVE-2020-0688 vulnerability. To make matters even worse, some of the servers that were tagged by Rapid7 as being safe against attacks might still be vulnerable given that 'the related Microsoft update wasn’t always updating the build number.' Furthermore, 'there are over 31,000 Exchange 2010 servers that have not been updated since 2012 ,' as the Rapid7 researchers observed. ' There are nearly 800 Exchange 2010 servers that have...

I have a confession... for me, the best part of virtual calls, or seeing any reporter or commentator working for home, is being able to check out their book shelves. I never use computer video, because I want to preserve the world's bandwidth. That means I don't share what my book shelves look like when I'm on a company call. Therefore, I thought I'd share my book shelves with the world. My big categories of books are martial arts, mixed/miscellaneous, cybersecurity and intelligence, and military and Civil War history. I've cataloged about 400 print books and almost 500 digital titles. Over the years I've leaned towards buying Kindle editions of any book that is mostly print, in order to reduce my footprint. For the last many years, my book shelving has consisted of three units, each with five shelves. Looking at the topic distribution, as of 2020 I have roughly 6 shelves for martial arts, 4 for mixed/miscellaneous, 3 for cybersecurity and intelligence, a...