Gathering Windows, PowerShell and Sysmon Events with Winlogbeat – ELK 7 – Windows Server 2016 (Part II)

In part I of this series, Installing ELK 7 (Elasticsearch, Logstash and Kibana) on Windows Server 2016, I covered the following: installing and configuring Elasticsearch, Logstash, and Kibana as Windows services; installing and configuring Winlogbeat to forward logs from the …

Installing ELK 7 (Elasticsearch, Logstash and Kibana) – Windows Server 2016 (Part I)

I am a huge fan of the Elastic stack as it can provide a great deal of visibility into even the largest of environments, which can help enable both engineering and security teams rapidly triage technical issues or incidents at …

Apache Struts CVE-2018-11776 – Testing, Analyzing, & Detection

Intro: Any time a new Apache Struts vulnerability comes out it should be taken pretty seriously as there are many “mission critical” systems that are leveraging the framework, with a considerable amount of them being public facing. Unfortunately, as a …

ESXi 6.5 – Error Loading /xorg.v00 Fatal Error: 33 (inconsistent data)

The Error: During a recent thunderstorm one of the ESXi 6.5 hosts in my lab environment that was not on a UPS rebooted from a power fluctuation, and when it rebooted I received the following error: Error loading /xorg.v00 Compressed …

PowerEdge R610 – Updating Firmwares When the LifeCycle Controller Fails

Why You Should Always Update Firmwares! Security patches, new features and bug fixes – these are all very good reasons to ensure firmwares are up to date before moving your new servers into production. Things like the BIOS, RAID Controller, …