Resources

Blog

Why You Need a Concrete Incident Response Plan (Not Strategy)

Recently, I had the privilege to be part of a four-person discussion panel at a security event in London where the topic was about incident response. The panel was hosted by another security professional, and over 50 professionals from the industry were present in the audience. I've worked in information security for 15 years, and I've played a part...
Blog

'Tis the Season to be a Prudent Retailer

'Tis the season to be shopping, as some might say. Holiday seasons are very good for retail businesses, with increased traffic in both online and brick-and-mortar stores. Unfortunately, business is good for cybercriminals during these busing shopping times, too – and, as a result, retailers need to ensure that their physical and cyber resources are...
Blog

Saipem Identified a Digital Attack against Some of Its Servers

Italian oil and gas industry contractor Saipem has announced that it identified a digital attack against some of its servers. On 10 December, Saipem published a statement on its website in which it revealed the attack and said it was in the process of collecting information to determine the impact on...
Blog

VERT Threat Alert: December 2018 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s December 2018 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-809 on Wednesday, December 12th. In-The-Wild & Disclosed CVEs CVE-2018-8611 Microsoft is reporting that this Windows kernel privilege escalation vulnerability is seeing active...
Blog

Achieve Security Through Compliance in the Cloud

Digging through my cupboards recently, I came across my old collection of 3½ floppy disks. It’s been quite some time since I’ve had a need to plug in my trusty USB floppy drive, so upon making this great archaeology discovery, I was left simply to ponder about their content and whether I’d really intended to break the write protect notch to prevent...
Blog

Pentest Toolbox Additions 2018

I’m a red teamer. I do work similar to pentesting and use many of the same tools. This year, I’ve added several tools to my toolbox. I’ll introduce them to you below and hope you find them valuable, as well. DoubleTap (by @4lex) I <heart> password spraying attacks where you guess a few common...
Blog

All I Want for Christmas… Is a New SSL Certificate

On Thursday 6th December, 2018, I realized how dependent I was on my mobile phone having an internet connection. That particular day, I was out and about away from Wi-Fi networks. The first time I noticed I had no connectivity was when I used my phone to check if my train was on time. As I got close to London, I realized I was not the only person...
Blog

Linux Rabbit and Rabbot Malware Leveraged to Install Cryptominers

Digital attackers used new malware called "Linux Rabbit" and "Rabbot" to install cryptominers on targeted devices and servers. In August 2018, researchers at Anomali Labs came across a campaign where Linux Rabbit targeted Linux servers located in Russia, South Korea, the United Kingdom and the United States. The malware began by using Tor hidden...
Blog

What Cyberstalking Is and How to Prevent It

When carried out sensibly and securely, communication through social networks and other online public forums can be beneficial, both socially and professionally. However, if you’re not careful, it can lead to numerous undesirable consequences, one of which is cyberstalking. Cyberstalking is stalking or harassment carried out over the internet. It...
Blog

USB Threats to Cybersecurity of Industrial Facilities

Industrial facilities' cybersecurity is very critical for the national security of every state, and comes once more into focus following the recent Honeywell’s Industrial USB Threat Report. With increasing pressure to limit network access to industrial control systems, industrial plant dependence upon USB removable media to transfer information,...
Blog

Getting Creative with your Vulnerability Management Strategy

You don’t have to look hard to find organizations utilizing a small fraction of the capabilities of a vulnerability management tool. Often, that’s because the focus is on meeting a compliance obligation. For example, PCI DSS 3.2.1 says, “11.2.1 – Perform quarterly internal vulnerability scans.” It’s difficult to learn the capabilities of a tool...
Blog

Lessons to Learn from Armored Cars in the Era of Cloud Computing

We employ a lot of militaristic terms in the IT security sector, and the language of defense is robust in part because it draws upon a rich history of technical innovations. When we talk about the future of IT, it’s hard not to think about cloud infrastructure, so when we’re exploring the growth of cloud resources, I’d suggest that it may also be...
Blog

Critical Vulnerability Uncovered In Kubernetes

The first major security flaw has been uncovered in Kubernetes, the popular container orchestration system developed by Google. The vulnerability, identified as CVE-2018-1002105, carries a critical CVSS V3 rating of 9.8 due to low attack complexity, requiring no special privileges, and a network attack vector. ...
Blog

Read All About It: The Breaches That Won’t Make the Headlines

It’s been a busy few months for those tracking cybersecurity breaches. Considering that this quarter alone has seen headlines for British Airways identifying additional victims behind its already significant breach, Facebook’s massive messaging leak and Yahoo’s significant payout related to earlier data breaches, there are plenty of high profile...