Monthly Archives: September 2011

Happy Birthday Healthcare Breach Notification Rule

Posted on September 25, 2011 by Dan Berger in Main | Leave a comment

I wasn’t the only one celebrating a birthday last week. It’s been exactly two years since the breach notification rule, mandated by the HITECH Act, took effect. Since then, 330 major health information breaches affecting 11.8 million individuals have been reported to the Department of Health and Human Services’ Office for Civil Rights (OCR). And while major breaches are those that impact the largest number of Americans (500 or more per incident), it is worth noting that another 30,500 smaller …

Importing and Working with Nmap Scans in Metasploit Framework 4

Posted on September 14, 2011 by Mark Marshall in Main | Leave a comment

Importing Nmap scans directly into Metasploit is one of the best time-saving tricks you can accomplish while using the Metasploit Framework. Once the full Nmap data is happily in your PostgreSQL database and accessible to Metasploit you can do all kinds of cool things with it that will save you lots of time and frustration on a large penetration test. For this example I’m assuming you’ve got a fully functional PostgreSQL database already configured and accessible to Metasploit. This is …

Viewing GPO’s on the Commandline

Posted on September 2, 2011 by Mark Marshall in Main | Leave a comment

Want a quick way to see what GPO’s are applied to your local system, just using built in utilities? Using the GUI to manually view what settings are applied is awkward and slow.  Use the following commands to see what policies are being handed down to the system you’re on and what they’re enforcing.  This info can be incredibly handy during a pentest in order to find out the limitations being imposed on a specific system you’ve compromised. It can …