Not All Is Lost When You Lose Your Memory
Some time ago I wrote a blog, Memory: It’s What’s for Dinner, about the importance of capturing volatile data and memory analysis. I also provided an intro for memory analysis in Hunting Malware with Memory Analysis and More Memory Fun. What happens if you are not able to grab memory? Obviously, a full memory capture of the suspect system will give you the best chance at recovering volatile information from the system but if you can’t, not all is lost.
Hibernation and page files contain data that can help put the pieces of the puzzle back together. The hibernation... read more >
May 19, 2016 - Posted by Zach Holt to
These days, it’s difficult to discuss security without mentioning privacy. As the amount of data being collected on everything from social media to advertising to medical records shows no signs of stopping, commercial entities and malicious actors alike increasingly look to these information gold mines as sources of data ripe for the taking. The use of this information can be leveraged in a number of ways, from simple customer demographics to highly targeted advertising campaigns, or even something more malicious. After all, wouldn’t a mailing list of recently hacked retailers make for some potentially vulnerable users?
Partner With Your Security Provider: A Fourth Step in Security
I remember back in the day sitting in a classroom. The teacher would tell us to pick a partner and so we did. We picked our friend, or the person next to us, or the classroom dreamboat. It was simple then, because it wasn’t a terribly difficult task to complete.
As we got older, and hopefully wiser, we were asked to pick a partner to complete a task. This time, with more education behind us, we wanted a teammate that could help us complete the task the best. In other words, we wanted to win.Security Partners want to help you win when securing your environment.
Through a process (whatever it may have been for your organization), you picked your security partner. There are some things you will need to take on together in order to get the best end result. Your partner needs to have the same information you have about your network. This allows a proper customized experience for your specific company and needs. A one-size-fits-all solution doesn’t work as... read more >
I recently had the pleasure of performing a combined Social Engineering and Physical Security Assessment over the course of a national holiday. While my story may not come close to what Solutionary Security Consultants' Tim Roberts or Brent White have enlightened you with, I must say this assessment certainly opens one’s eyes to the challenges that an organization, similar in size to the assessed business, faces when growing rapidly and trying to fit in an Information Security program.
While there are many lessons learned, two top takeaways stand out:
- Having the proper corporate structure is one of the most important components in standing up a successful information security program.
- Perceived security is just that – perceived. As my co-worker Andrew Weed put it: “This is like an M&M – a hard candy shell, soft on the inside.” To some extent he is correct. The amount...
I was especially excited to learn about how Solutionary is participating in the events marking the 5th Anniversary of Joining Forces. A nationwide initiative launched by First Lady Michelle Obama and Dr. Jill Biden, Joining Forces works with the public and private sectors to ensure that service members, veterans, and their families have the tools they need to succeed.
After nearly eight-and-a-half years on active duty, three combat deployments, an overseas tour, and countless training rotations, I know firsthand the challenges that come with transitioning from military life to the civilian sector.
As my military career drew to a close, I was excited about the endless possibilities and what I could achieve as a veteran in a predominantly civilian workforce. I knew the skills that I had learned in the Army –... read more >
As an organization’s security posture grows, a number of responsibilities may fall under the umbrella of information security, whether it is under direct control of an information security program or delegated to another supporting IT department. One such responsibility is a vulnerable management program.
Vulnerability management is an important part of a matured information security program. At a high level, the objective of vulnerability management is to find and remediate all issues as they are identified. However, as you start examining the matter in-depth, you’ll find that you:
- Need to have a process in place to determine priorities
- Need to have more information than what a vulnerability scanner can provide
- Won’t always be able to fix vulnerabilities; fix what you can and mitigate the rest
As with any good story, we’ll leave that last item for a bit and focus on the top two for now. After all,... read more >
Buzzword Bingo Can Be More Distracting Than You Think
Have you heard the story about the cyberespionage, nation-state APT adversary that used the dark web to purchase data-driven exploit code to build a zero day to bypass the next-generation firewall of company ABC because they weren’t hunting with a cloud-based, big-data correlation platform to identify and orchestrate threat-intelligence protection against the advanced malware on their BYOD IoT and hadn’t conducted a purple team exercise recently? Oh, you have? Me too. Ten times…today.
From a sales and marketing perspective, these buzzwords are worth their weight in gold. From a security perspective, the threats are very real and the corresponding detection and prevention technologies all have their place. I’m plenty guilty myself of using several of these buzzwords, and I’m sure I’ll catch some flak for picking on a lot of the terms that my colleagues use regularly.
All of that said, there is little that can be more... read more >