Hello, welcome to the Wednesday, December 21st, 2016 edition of the Sandcent Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

If you're using V-Sphere data protection from VM, where it's time to apply a critical update, because the current version did include a fixed

as H key that could be used by anybody to log in to your device.

So fixed passwords and the like, it's not just a problem for $50 DVRs and internet connected cameras happens also for these more

professional systems and again it took actually an outside source to point this out

to VMware now vSphere data protection is a separate component that you would

install to backup virtual machines so So it's not that all

VMware installs are affected only if you did actually install this particular add-on.

And we got a holiday gift from NMAP version 7.4 of us released today. No critical updates

here, but a bunch of new features that you may find

interesting like new nesee script new fingerprints and better support for geo

IP data so for geolocation has been added to en map and if you need something to

play with for the next couple days, if it's a little bit

slow at work, Fire Eye has a nice brief blog post about how the Microsoft System Center

configuration manager, also known by the Appropriation SCCM, can be used to actually meter software.

There's a software metering feature built in that tells you which user used what software,

when, and in many cases can also capture parameters or code being run within the software

and the like. So really a lot of intelligence here

for the forensics people around here.

And the nice part is you can actually report this remotely

to a central collector if you configure this all correctly.

...