Hello, welcome to the Monday, July 1st, 2019 edition of the Sansonet Storms, Stormcast.

My name is Johannes Ulrich.

And today I'm recording from Riyadh, Saudi Arabia.

Rob had more power shell goodness for all of you.

And the latest diary that he published this weekend explains how to collect

the hashes from running processes across an entire domain and then verify them via

Virus Total. Now before you go ahead then quickly implement this, he also points out that

if you just have the free public API key

for virus total, you're limited to four requests a minute or 5,760 requests per day. In general,

this shouldn't really actually be all that bad given that even across a large network,

probably many hosts are running the

same configuration, the same software, so you should get an awful lot of duplicate

hashes as you are acquiring them.

And really what you're probably interested in are soft of one-offs, the new processes, so

you should be able to narrow it down to a few

interesting hatches that you are then checking on VirusTotal.

And Mozilla released the latest, greatest version, version five of its TLS server configuration

guide.

One of the interesting features about this guide is that it's also available in JSON format and can easily be used then to automate the configuration of TLS services. Of course, this really focuses on web servers. Now, before you go out and quickly implement it, be aware that it comes

in various levels, most notably an intermediate and modern configuration. Be a little bit careful

with the modern configuration. It really assumes that you are using essentially the latest and greatest

browser versions. For example, it does recommend TLS 1.3 as the only TLS version. The

...