7 Home Network Security Tips
Securing your home network is just as important as securing the organization you work for. Think about it: this is the network that you use when not in the office; you plug your work laptop in, access sites that are unfiltered/unprotected…
March 12, 2015
Phase 2 OCR HIPAA Audits: What’s to Come in 2015?
Here is a high-level breakdown for the Phase 2 HIPAA Audits being conducted by OCR in 2015: Back in 2011, the Office of Civil Rights (OCR) was brought on-board to support a pilot HIPAA audit program with the goal of…
March 11, 2015
NetMon: Quick Tips and Use Cases
When attackers are trying to break through your perimeter or are operating within your environment, you need to act quickly. Security intelligence is paramount. The good news is that you can detect most indicators of a threat from within the…
March 6, 2015
FREAK: Organizations Need to Protect Themselves, Not Wait for Patches
This week, security researchers at SmackTLS disclosed a new, potentially dangerous flaw that could allow hackers to trick Internet-enabled devices into using weak encryption. The bug, dubbed “FREAK” (factoring attack on RSA export keys), affects SSL/TLS protocols and could, therefore, be…
March 6, 2015
TalkTalk Customer Data Breached
Last week it was revealed that UK telecommunications company TalkTalk suffered a data breach in 2014, where customer details—such as account numbers, names and addresses—were stolen. The stolen details were then used by scammers to trick people into believing they…
March 2, 2015
Simulated Cyber Threat Thwarted at London’s BT Tower
Earlier this week, a simulated cyber terrorist strike took place at London’s BT Tower. The event—part of the UK government-backed Cyber Security Challenge—was designed to mimic a sophisticated cyber-attack and tested the ability of amateur contestants to defend the building’s…
February 27, 2015
Armed Forces the Latest to be Warned Against Cyber Attacks
A recent study by Lancaster University, The Future of Maritime Cyber Security, has found that Britain’s aircraft carriers and warships are at risk due to their reliance on ageing software. The research team has warned that the Royal Navy and…
February 17, 2015
Lights, Case, Action!
LogRhythm released Case Management in its most recent update, and while I could wax lyrical about the merits of why you should be using this feature, I won’t. Instead, I’ll show you a brief video demonstration of the new feature…
February 13, 2015
Detecting Lateral Movement From ‘Pass the Hash’ Attacks
Pass-the-hash attacks exploiting Windows operating systems aren’t anything new; in fact, they’ve been around for donkey’s years. However, despite the exploit being nearly two decades old, still not much is known about the attack vector. So, in this post, I’ll…
February 3, 2015
Sharing Threat Intelligence
After the breach of Sony Pictures by North Korea, legislative attention has come back to cybersecurity. Its primary goal has been the sharing of threat information, allowing private companies to integrate their ‘indicators’ — pieces of information that have been…
January 29, 2015
The Long Road to Securing America’s Digital Infrastructure
As the US pioneered the Internet, so too the country is pioneering this ever-changing information age. With this effort comes a responsibility for all organizations, both private and public, in all industries to protect client and consumer information. On…
January 26, 2015
War Game Cyber Attacks
Last week Barack Obama and David Cameron announced that the US and UK would implement a rolling program of “war game” cyber attacks on each other, which will be conducted by the FBI, GCHQ and MI5. Targeting critical national infrastructure,…
January 21, 2015
Catching the “Inception Framework” Phishing Attack
Posted by: Tony Massé
A new sophisticated, layered and targeted malware has been hitting Russia and Russian interests lately, and is starting to spread out. This has been named “Inception Framework” because of its massively layered design, in reference to the 2010 “Inception” movie.…
January 14, 2015
Kippo Honeypot: Log Replay Automation
Kippo is one of my favorite honeypots due to its sheer simplicity, portability, and ease-of-use. It comes with a really neat feature that allows you to replay what the attacker did once they gained access to the honeypot by way…
January 9, 2015
Moonpig API flaw left unfixed for 17 months
Earlier this week, online greetings card company Moonpig took its API offline as a flaw was enabling orders to be placed on customer accounts by hackers. The flaw, identified by researcher Paul Price, allowed hackers to bypass authentication security and…
January 8, 2015
A Successful SIEM Deployment: Truth or Fantasy?
“A Successful SIEM deployment: truth or fantasy”…a controversial opening statement one might say for a consultant who works for a SIEM provider (LogRhythm) and preaches the virtues of the technology. Am I saying that a successful SIEM deployment is a…
January 7, 2015
Detecting DNS Tunneling
All kinds of different services, like web browsing, email, Active Directory, etc., use the Domain Name System (DNS) protocol to turn IP addresses into human-readable names and vice versa. DNS was never intended to be used for data transfer,…
December 17, 2014
The SIEM Awakens—Identifying Account Lockouts from BYOD
Windows account lockout policies are an effective and recommended best practice for securing against brute force attacks. When these activities occur within the perimeter of an enterprise’s network, LogRhythm’s SIEM makes it a simple task to quickly work out the…
December 10, 2014