Can We Learn From Big Breaches?

Jon-Louis Heimerl

December 30, 2014 - Posted by Jon-Louis Heimerl to Security Insight

security breach

A reporter contacted me about a breach a while back, and asked, “So, is there anything new here or is this just another breach?”

“Just another breach.”

Are we at that point where the breach of the point of sale (POS) system at a national retail organization and the compromise of a large number of credit cards is “just another breach?”

Some of the breaches have come with a decent amount of insight about how the breach occurred. For others we don’t have as much information.

But, can we take the public information about what we do know and look at the types of things that the breaches have in common?

Can we make conclusions about a set of security controls that organizations could implement, trying... read more >

The MSSP 12 Days of Christmas

Joseph (JB) Blankenship

December 24, 2014 - Posted by Joseph (JB) Blankenship to Security Insight

Around the holidays, fellow Solutionary Minds blogger Rob Kraus and I like to have little fun with our blogs. Last year, we came up with “The Top Eight Holiday Songs of IT Security.”

This year, we’re sticking with the holiday song theme, but came up with our take on the holiday classic “12 Days of Christmas” called The MSSP 12 Days of Christmas.

On the first day of Christmas, a malicious actor gave to me Heartbleed exploit code.

On the second day of Christmas, a malicious actor gave to me 2 DOS attacks.

On the third day of Christmas, a malicious actor gave to me 3 pastebin dumps.

On the fourth day of Christmas, a malicious actor gave to me 4... read more >

Physical Security Assessment

Traditional and Nontraditional Tools and Techniques

Brent White

December 23, 2014 - Posted by Brent White to Security Insight

physical security

This blog was co-written by Solutionary Security Consulting Services consultants Brent White and Tim Roberts.

So, you’ve gotten past the front door by piggybacking, were granted access to the elevator by the receptionist, and then find yourself standing in front of another restricted area. The next step is to find a way to trigger the motion sensor from the other side of the door so that it will open for you. What would you do?

Physical Security Assessments are an essential part of a security program. If an attacker is able to gain physical access to your building and equipment, they essentially have “the keys to the kingdom.”

This blog was written to provide an overview of some tactics that assessors... read more >

One Phish, Two Phish, Read Phish, Spear Phish

No Room at the Inn for these Phishing Attempts

Bernie Lambrecht

December 18, 2014 - Posted by Bernie Lambrecht to Security Insight

Holiday Scams Ahead

Ahh...the holidays are upon us once again.

Time to drag out your moose-shaped eggnog mugs, that really do exist and ugly Christmas sweaters. Or if you prefer, your little pink bunny outfit that Aunt Clara made for you. Whatever you’re most comfortable in while roasting chestnuts on an open fire.

As many are aware, the holidays are a crazy, busy time of year. Just because you have to help coordinate four different Christmas celebrations in three different time zones during two weeks, it doesn’t mean you can let your guard down when it comes to phishing and spear phishing attempts. If anything, you need to be more vigilant, especially as people clutter their... read more >

Basic Malware Analysis

Detecting Malware through Static and Dynamic Techniques

Jeremy Scott

December 16, 2014 - Posted by Jeremy Scott to Threat Intelligence

malware

Malware analysis involves two key techniques: static analysis and dynamic analysis.

Static analysis examines malware without actually running it. Dynamic analysis (also known as behavior analysis) executes malware in a controlled and monitored environment to observe its behavior.
 
Each of these techniques includes elements which are further categorized as basic or advanced. Although there are benefits for conducting static and dynamic analysis as separate tasks, an analyst can realize the value provided by conducting both techniques when reverse engineering complex malware.

Performing static and dynamic analysis together helps identify the... read more >

Passwords - to be or knOt2$B3

Jon-Louis Heimerl

December 11, 2014 - Posted by Jon-Louis Heimerl to Security Insight

password security

We always hear about passwords. They are weak. And, when they are not weak, there is another website compromise that results in the exposure of millions of accounts, like from CyberVor or the more recent exposure of Gmail accounts.

Do you think passwords are still important? Do you worry about your passwords?

We’ve been kicking around computer and information security for a while now. Why don’t we have a better answer?

You are not surprised that an analysis of compromised passwords shows the most commonly used passwords are old stalwarts like “123456” and “password," right?

Or are you surprised that surveys say 70-80% of passwords being used online are classified as “weak," which often means a password that is less than eight lower-case characters or are simple... read more >

Hiding In Plain Sight

Analyzing Anomalous Data Structures

Ramece Cave

December 09, 2014 - Posted by Ramece Cave to Security Insight

anomalous data structure

Malware authors are known for developing clever, interesting and sometimes dastardly ways to move, hide and distribute their wares to the masses.

They often work tirelessly to stay ahead of security analysts by playing on doubts, limitations and red tape. Some authors use trivial encryptions or encoding schemes like base64 while others use high-grade encryption or perform small modifications to a file to avoid detection.

If that does not work, the attacker can hide content in, or append content to image files or files made to look like images, but structurally they are another file type entirely. From a forensic standpoint, some of these files do not have a known structure and can be extremely difficult to identify and categorize, therefore they fall into the anomalous category.

In my thought process, anomalous data is that binary file that does not have an identified file structure.... read more >

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | Older Entries >>

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)

LATEST TWEETS