Today’s blog is going to be a “back to basics” Payment Card Industry (PCI) compliance discussion. When it rains it pours. Lately, I have been subjected to an alarming number of baffling statements by merchants in recent weeks. These are coming from fringe, non-Level 1 merchants who don’t have a direct Acquirer breathing down their neck (thankfully!!!). They have all had the same basic tone which is essentially, “I don’t have to be PCI compliant” or “we dance around PCI compliance because we don’t process credit cards via our website” or “we believe PCI doesn’t apply to us because we don’t process credit cards.” Or even more mind-boggling, “We don’t get that many credit cards, so we don’t have to be PCI compliant.” Maybe what they really mean is, “We don’t get that many credit cards so we don’t want to be PCI compliant.” At least that one I can...
Memory analysis is extremely important in incident response, malware analysis and reverse engineering: examining the memory of an infected system lets the analyst extract artifacts relevant to the malicious program. It has gained popularity in the context of reverse-engineering malware, and it can help identify malicious code and explain how the specimen was used on the suspect system.
When performing memory analysis on the suspect system, I try to answer some simple questions in an attempt to identify malicious code:
What processes were running on the suspect system at the time the memory image was taken?
What artifacts of previous processes existed?
Are there any active or previous network connections?
What is the purpose and intent of the suspected file?
Are there any suspicious DLL modules?
Are there any suspicious URLs or IP addresses associated...
In the career of every analyst, network engineer or system administrator, there comes a time when they need to look at packets. For the uninitiated, packets are the binary log representation of network device communication. A plethora of tools are available for collecting and analyzing traffic. Sometimes, we encounter a situation when those tools, though great, are missing that one needed feature (insert feature here).
Sure, you can analyze the packets manually, but what if there are thousands of them or due to time constraints you have to act quickly? Just to pour salt on the wound, what if you have 20 capture files to analyze, and they range in size from 400KB to 10MB? I know this never happens, right?
Oddly enough, building your own solution might be the only way to keep your sanity and not lose hours of sleep staring at ones and zeros, and meet your deadline. This is about to get techie, so grab a Hotpocket or Jolt Cola and let me walk you through this...
One thing I was taught during first-aid training in the military is that applying a BAND-AID® is not an effective treatment for compound fractures. Sure, it may keep the wound clean, but it does not address the bigger issue.
Earlier this year I discussed the difference between tactical and strategic planning when it comes to securing your organization’s network and addressing threats. To revisit this strategy, let’s consider threats from the low-level bits and bytes, and then back our focus out to the 32,000 foot view.
I work with many great organizations, and I recently spoke with some decision makers regarding the implementation of controls to defend against threats. However, it quickly appeared that the focus of the conversation, and the organization’s strategy, was solely focused on protecting against...
Based on my previous post where I suggested performing a physical security risk assessment for your organization, I decided to jot down a quick list of items you may want to consider for your checklist.
This list is not all-inclusive by any means, as each individual location is different. My goal is to create awareness with this list and perhaps draw attention to some areas that are sometimes overlooked.
Document law enforcement, fire department and hospital locations and contact information
Document neighboring buildings and contacts for their security staff
Account for vehicle barriers for entrances
Ensure landscaping does not provide cover for intruders
Secure dumpsters with padlocks
Document building utility shutoffs...
Valve, the makers of some of the world’s most popular video games, has sworn off Windows. The next big game the world sees from the prolific developer will be Linux exclusive. You heard me, LINUX! How does that affect us? Linux has been a target for business environments for years, but the end user is about to drastically change.
At least that's what I wanted to say when I first read the hoax blog on Play4Real that set the Internet on fire by falsely quoting Gabe Newell, Valve director, as stating that Half-Life 3 will be Linux exclusive. But it does bring a very interesting notion to light. There is an operating system revolution happening in the gaming industry. Steam has been released on Linux and OSX. Valve is in the public beta stage of releasing Left 4 Dead 2. Blizzard has an internal World of Warcraft Linux client and a public OSX client. If you peruse the WINE (WINE is a program capable of running Windows applications on POSIX-compliant OS) apps...
A leading industry analyst firm recently released a report describing the managed security service provider (MSSP) market in North America. Solutionary is recognized as a “leader” in the report.
Analyst reports like this are extremely useful for enterprises that are considering vendors to provide a service, giving them advice and perspective on a range of potential vendors.
There are some really large names listed alongside Solutionary. Most of them are known for providing solutions and services that are not related to IT security. Out of the leaders, Solutionary is the lone pure-play MSSP present.
Here at Solutionary, we are all extremely proud of this important industry recognition. Being a pure-play MSSP, all of our focus is on securing our clients and helping them comply with regulatory requirements. Security is all that we do, and it’s a 24/7 job.
To...