Blog

Blog

Active Directory is Your Friend

Active Directory should be the single source of truth for user and account management. With Windows Server system penetration, it is surprising to note that a significant majority of Microsoft customers do not extend their user management processes into the Active Directory. This is a world where your employees are granted accounts on partners or...
Blog

Android users warned of malware attack spreading via SMS

Security researchers are warning owners of Android smartphones about a new malware attack, spreading via SMS text messages. As the team at Scandinavian security group CSIS describes, malware known as MazarBOT is being distributed via SMS in Denmark and is likely to also be encountered in other countries. Victims' first encounter with the malware...
Blog

How we Support Magicians, Fraudsters & Hackers

One advantage of running a small boutique consultancy is I get to steer the business activity towards subjects I personally find interesting. Throughout my career, I have always been fascinated with frauds and that is where my focus normally lies. It’s that magic-like performance for me that has a very similar feeling to the showmanship of great...
Blog

Cisco Patches 'Critical' ASA IKE Buffer Overflow Vulnerability

Cisco has patched a 'critical' buffer overflow vulnerability affecting the Internet Key Exchange (IKE) implementation in Cisco ASA. On Wednesday, the multinational technology company published a security advisory for CVE-2016-1287. First discovered and reported by researchers at Exodus Intelligence, the vulnerability could lead to a complete...
Blog

Phishing Email Scam Targeting Airbnb Customers

Security researchers have identified a new phishing scam that is targeting customers of the popular accommodation booking site Airbnb. Christopher Boyd, a malware intelligence analyst at Malwarebytes, says he recently discovered an email phishing campaign impersonating the company and redirecting users to a fake Airbnb login page in an attempt to...
Blog

CryptoBin Down Amid Claims Hacker Posted Details of 20,000 FBI Employees

Sometimes things would be better if people didn't keep their word. Take hackers, for instance. Hackers using the online handle "DotGovs" published information about 9,000 Department of Homeland Security (DHS) workers earlier this week after stealing it from the Department of Justice's intranet. Many of us probably hoped that DotGovs couldn't be...
Blog

Seasonal Defective Password Disorder

Another change of the seasons is upon us. An interesting correlation is that these quarterly seasonal changes also follow the password change schedule in use in many organizations. If you work in an office, you probably receive a notice to change your password every 90 days. The odd correlation of requiring a password change every 90 days in a...
Blog

Improving ICS Security: How to Bridge the IT-OT Divide

Security incidents pose a real threat to industrial networks. In 2014 alone, organizations in the energy, utilities, industrial, and oil and gas sectors encountered 245 unique industrial control system (ICS) incidents, with more than 800 security advisories published that same year. To make matters even more daunting, only a fraction of those events...
Blog

Disable the Easy Button: Pen Test Preparation Steps

Week after week and year after year penetration tests are performed against companies and we continue to find the same things. Do you really want to hire that pentest company to come in and tell you the obvious? You could get better value from your tester if you take some simple steps to prepare before they start their assessment, not to mention you...
Blog

VERT Threat Alert: February 2016 Patch Tuesday Analysis

Today’s VERT Alert addresses 13 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-656 on Wednesday, February 10th. Ease of Use (published exploits) to Risk Table Automated Exploit ...
Blog

Obama to Appoint First Federal Chief Information Security Officer

The Obama administration has announced its intention to appoint the United States' first ever federal chief information security officer (CISO). On Tuesday, the President is expected to roll out a budget of $19 billion for federal information security spending. That budget, which marks a 35 percent increase over last year's allotment of $14 billion,...
Blog

The Change Management and Baselines Challenge in NERC CIP

In the last year, change management has been one of the top challenges customers want to solve. The problem is complex, and integration is essential to producing a sustainable solution. There are multiple drivers behind the challenge. First of all, there must a compliant change management process that produces supporting evidence. For high-impact...
Blog

Under the Hood of Cryptowall 4.0

Back in December, Heimdal Security spotted the Angler exploit kit leveraging drive-by campaigns to infect unsuspecting web users with Cryptowall 4.0 ransomware. The notorious malware has since been spotted in additional attack campaigns, leading Heimdal to wonder whether a newer version is on the horizon. Cryptowall's next installment will no doubt...
Blog

EMET 5.5 - Update Released for Microsoft's Best Kept Secret

It's one of Microsoft's best kept secrets. First released in 2009, the Enhanced Mitigation Experience Toolkit from Microsoft (EMET for short) has been helping companies reduce the risk of being exploited via unknown vulnerabilities in Windows and Windows applications. By detecting and preventing the buffer overflows and memory corruption...
Blog

How to Build a Remote Security Team

This will not come as a surprise to many of you, but there’s a current shortage of cyber security experts out in the field, which is causing job vacancies all over the country. Over the years, we’ve seen the demand for cyber security professionals spike dramatically as organizations realize there’s a problem, and are actively looking to recruit...