Incident Response Ransomware Series – Part 2

October 30, 2019
Opening: In part one of this blog post series, we provided an introduction to what ransomware is and how it works. We also provided examples of different types of ransomware and variations of ransomware tactics, and identified that ransomware delivery is traditionally accompanied by other malware to assist in lateral movement and deployment. If you haven’t...

Incident Response Ransomware Series: Part 1

October 28, 2019
In this three-part blog post series, we will provide an introduction to what ransomware is, how it works, and how it spreads to systems within an organization. We will also provide examples of different types of ransomware and variations of ransomware tactics. In part two, we will go in-depth to understand the various attack vectors...

Discovering the Anti-Virus Signature and Bypassing It

October 24, 2019
In this post, I am going to go over how to find the specific Anti-Virus signature using manual testing and then show techniques that can be used to bypass it. I am a big fan of LOLBins, so we are going to focus on the binary Regsvr32, which is a known binary that can be...

The Three Step Security Strategy

October 8, 2019
Why Does Strategy Matter? The term ‘security strategy’ can be ambiguous and often means different things to different people. Because of this, many organizations do not have a formalized security strategy and those that do may not have an effective one. This is understandable. Managing the day-to-day issues associated with a security program (alerts, audits,...

Buying Internal Domain Access Again

October 3, 2019
So, this post is inspired by some very interesting research done by @mubix that you can read about here, as well as this amazing post by Tim Medin here. After reading Mubix’s post, I was whipped into a frenzy and purchased several domains. I realize that these posts are both several years old, but this idea has...

Big Changes in Store for PCI DSS v4.0, and More!

September 20, 2019
This week I attended the PCI North American Community Meeting. If you are in the payment security space and haven’t been to a community meeting, I would recommend that you put this on your conference schedule. It’s great to connect with like-minded individuals, including card brands, banks, large customers, vendors, and yes, assessors – both internal (ISAs)...