Blog

Blog

Five Things Security and Development Teams Should Focus on in 2021

As we say goodbye to 2020 and spend time reflecting on the industry changes, reassess our workflows and procedures in order to identify where 2021 will bring us, it’s a brilliant time to also address our security practices and ways we can bring improvement to those, as well. After considering the top challenges I saw with development teams and...
Blog

Improving Your Security Posture with the Pipeline Cybersecurity Initiative

A few years ago, I worked alongside some oil commodity traders. Environmental concerns aside, I never realized how many parts were required to get the oil out of the ground, not to mention everything else that finally resulted in the production of refined products that surround our lives. As a cybersecurity professional, I was more interested in how...
Blog

Data Classification Is Data Storage

‘Business’ is a verb that practically means the movement of data. If you aren’t sharing data – keeping the books, sharing ideas and stats about sales, getting the correct information regarding the customer or data to the customer – then you aren’t doing much business. But organizations need to protect their data along the way. Infosec has so many...
Blog

The Changing Dynamics of Cyber Insurance

Almost exactly a year ago, cybersecurity professionals were locked in a heated debate about insurance. While some were keen to point out that the future of the industry would need to include some form of insurance market, others argued that cyber insurance would never be worth the premiums, especially given the inherently volatile nature of...
Blog

8 Cloud Security Best Practice Fundamentals for Microsoft Azure

In a previous blog, I discussed securing AWS management configurations by combating six common threats with a focus on using both the Center for Internet Security (CIS) Amazon Web Services Foundations benchmark policy along with general security best practices. Now I’d like to do the same thing for Microsoft Azure. I had the privilege of being...
Blog

VERT Threat Alert: January 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s January 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-922 on Wednesday, January 13th. In-The-Wild & Disclosed CVEs CVE-2021-1647 A vulnerability in the Microsoft Malware Protection Engine (MMPE) is currently seeing active exploitation. Since...
Blog

Steps for PCI DSS Gap Analysis

Complying with Standards drawn by the Payment Card Industry Security Standards Council can be complicated and time-consuming. But, with a PCI DSS Gap Analysis, the process becomes a lot easier, streamlined, and less exhaustive. PCI Gap Analysis is the first step towards the Compliance process. The assessment provides details on your current security...
Blog

Ransomware Gangs Scavenge for Sensitive Data by Targeting Top Executives

In their attempt to extort as much money as quickly as possible out of companies, ransomware gangs know some effective techniques to get the full attention of a firm's management team. And one of them is to specifically target the sensitive information stored on the computers used by a company's top executives, in the hope of finding valuable data...
Blog

Tripwire Patch Priority Index for December 2020

Tripwire's December 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Pulse Secure, and Oracle. First on the patch priority list this month are two vulnerabilities that have recently been included within the Metasploit exploit framework. One is a vulnerability in Pulse Secure Desktop Client and the other is a...
Blog

It’s Always DNS – But Not in the Way You May Think

A popular joke among technologists says that it’s always DNS, even when it initially didn’t seem that way. DNS issues come in many shapes and forms, including some often-overlooked security issues. DNS (short for the Domain Name System) continues to be described as “the phonebook of the Internet,” but many people, including most readers of this...
Blog

Verizon's 2020 Payment Security Report: Focusing on Strategy

Last year, I wrote about the Verizon Payment Security Report saying it was ”Not Just for PCI.” Verizon liked that post enough to include its introduction in this year’s version. This recognition was a wonderful surprise. Like last year’s report, the 2020 publication goes well beyond PCI in its information and recommendations. While PCI DSS forms...
Blog

Ghidra 101: Slice Highlighting

In this blog series, I will be putting the spotlight on useful Ghidra features you may have missed. Each post will look at a different feature and show how it helps you save time and be more effective in your reverse engineering workflows. Ghidra is an incredibly powerful tool, but much of this power comes from knowing how to use it effectively. In...
Blog

NIST SP 800-128 – Because Patching May Never Fix Your Hidden Flaws

Over the last few years, the idea of patching systems to correct flaws has graduated from an annoying business disruption to a top priority. With all of the notorious vulnerabilities that can wreak total havoc, the time it takes to patch becomes a minor inconvenience when weighed against both the technical challenges and possible regulatory...
Blog

Keeping Your Garage Secure Using a Raspberry Pi

It is always unfortunate when the garage door is left open when you leave for an extended period of time. This has happened to me a couple of times. By leaving the garage door open, I was inviting unwanted guests into the garage. An unwanted guest can be animals looking for a meal and spreading trash all over. It could also be another person that...
Blog

Fighting Cybercrime: We Are Stronger Together than We Are Individually

As a cybersecurity professional, how numb have you become to vendors who try to scare you with frightening statistics in an effort to sell you a new product? It is understandable that a vendor has to present as much information in a limited amount of attention-grabbing time, so their doomsday technique makes some sense. Perhaps the vendors’ approach...
Blog

Validating XML Schema of OVAL Documents with Python

OVAL is the Open Vulnerability Assessment Language, which uses XML based documents to define vulnerabilities based on characteristics of a host system. It can also be used to gather information about the host. When an OVAL file is evaluated, it generates a report file with the results of the vulnerability evaluation or a system characteristics file...
Blog

Lessons from Teaching Cybersecurity: Week 13

As I mentioned previously, this year, I’m going back to school. Not to take classes but to teach a course at my alma mater, Fanshawe College. I did this about a decade ago and thought it was interesting, so I was excited to give it another go. Additionally, after a friend mentioned that their kid wanted to learn Python, I developed an Intro to...