Incident Response

ENDPOINT DETECTION AND RESPONSE: FIRE FOR EFFECT

The modern digital landscape is a battleground rife with adversaries ready and willing to go to great lengths to steal your data. Clever independent attackers and state-sponsored actors alike are deploying increasingly effective versions of cyber attacks intended to intrude, infect, steal, evade, disrupt and destroy everything they touch. To defend themselves, many businesses are investing in a variety of technologies and techniques (more…)

In the Wake of Backdoor.Regin: Accounting for the State Sponsored Threat

Recently the Symantec Corporation uncovered a highly sophisticated, modular piece of malware that has been infecting computers in a variety of countries as far back as 2008 – Backdoor.Regin has characteristics beyond those of modern malware and is already generally accepted as a product of nation-state cyber espionage. The implant likely took considerable resources and time to create and has several (more…)

How to Secure Your Assets from Cyber Sewage

There I was, ankle deep in raw sewage, incredulous that for the second time this summer, my basement was filling up with foul smelling murky waste. As I looked hopelessly at my wife while the water level continued to rise, I angrily thought to myself, “What else can I do?” Didn’t I shell out some (more…)

As Part of Your Incident Response Plan, Make Sure There are Needles in Your Haystack

Incident Responders take a lot of pride in finding that ‘Needle in the Haystack’ when conducting data breach investigations. The thrill of forensics lies in finding the tiniest clue that unravels the story of how a breach occurred and what exactly was compromised as a result. But the reality is that during forensic investigations, there is not always a needle in the haystack (more…)

A Word about the Target Data Security Breach

What happened to Target® last week is every business’ worst nightmare. We’ve received a number of inquiries regarding the security breach incident from concerned clients and friends and wanted to share a few insights. (more…)

Expecting the Unexpected, Removing Fear From a Security Incident


Once again another company is on the heels of a massive data breach where intellectual property, customer records, private information, you-name-it, has been compromised, a security incident. The recent news of Adobe Systems where a malicious entity stole intellectual property and accessed millions of credit card numbers is another case where “if (more…)

The Best Malware Defense: Strategy First, Technology Second

I’m one of those fortunate information security professionals who plays both sides of the technology defense game: I’m your incident response guy and your preventive technologies guy. When I’m working with a company after they’ve been breached I can see pretty quickly what defenses they were missing that allowed the breach in the first place, but then I can help (more…)

Insecurity – Et Tu Brute?

The death of Caesar at the hands of the senators. Painting by Vincenzo Camuccini, 1798. “Et tu, Brute?” meaning “Even you, Brutus?” is a Latin phrase often used poetically to represent the last words of Roman Dictator Julius Caesar to his friend Marcus Brutus who betrayed him at the moment of his assassination. (more…)
