Monthly Archives: March 2018

Your Bank’s Security

A large number of banks, credit unions and other financial institutions pushed customers onto new e-banking platforms that ask them to reset their account passwords by entering a username plus some other static identifier — such as the first six digits of their Social Security number (SSN), or a mix of partial SSN, date of [...]

IDN security problem – Visual Confusion

Security researchers have long warned about the use of look-alike domains that abuse special IDN/Unicode characters. Most of the major browser makers have responded in some way by making their browsers warn users about potential punycode look-alikes. Visual confusion attacks are not new and are difficult to address while still ensuring that we render everyone’s [...]

New Tools: HELK vs APTSimulator

HELK: A Hunting ELK (Elasticsearch, Logstash, Kibana) with advanced analytic capabilities. Provide a free hunting platform to the community and share the basics of Threat Hunting. Make sense of a large amount of event logs and add more context to suspicious events during hunting. Expedite the time it takes to deploy an ELK stack. Improve [...]

Identity Management Changes in Cloud

Cloud and mobility are exacerbating problems in an already-fragile IAM infrastructure. This will drive changes to areas such as single sign-on, multi-factor authentication, IAM centralization, and skills. Many organizations are struggling to maintain tight security controls in an era of cloud computing [...]

Protecting Critical Infrastructure

Patching security vulnerabilities in industrial control systems (ICS) is useless in most cases and actively harmful in others. The answer boils down to threat modeling. https://www.icsvillage.com/ Securing industrial control systems Attacking legacy ICS infrastructure is expensive and time-consuming, limiting threat actors to nation-states and organized crime. Worsening attacks on ICS In the beginning, there was [...]

The Cybersecurity Landscape Transformation

A comprehensive report from Cisco covers how and why the cybersecurity landscape is changing. Highlights of the study include four key assertions: 1. Malware is becoming self-propagating. Historically, malware required a user to click on a link, open an attachment, or take some other kind of action before it could spread. Today, newer forms of [...]

Botnets and their Ramifications

Botnets act as a force multiplier for individual attackers, cyber-criminal groups, and nation-states looking to disrupt or break into their targets’ systems. By definition, they are a collection of any type of internet-connected device that an attacker has compromised. Commonly used in distributed denial of service (DDoS) attacks, botnets can also take advantage of their [...]

Tips to Improve e-mail Security

Phishing and email spam are the biggest opportunities for hackers to enter the network. If a single user clicks on some malicious email attachment, it can compromise an entire enterprise with ransomware, cryptojacking scripts, data leakages, or privilege escalation exploits. Three solutions: Sender Policy Framework (SPF), which hardens your DNS servers and restricts who [...]

Importance of Security Automation

What is Security Automation? Security automation is the automatic handling of security operations-related tasks. It is the process of executing these tasks, such as scanning for vulnerabilities, without human intervention. OR The use of automatic systems to detect and prevent cyber threats, while contributing to the overall threat intelligence of an organization in order to [...]