Incident Response Preparation

Preventing Incident Response Frustration #WarStoryWednesday

David Biser

August 03, 2016 - Posted by David Biser to Security Insight

Threat Intel

Ever try to chop down a tree with a fork? Any type of skilled labor requires the use of proper tools, and incident response is no different. In my experience as an incident responder, many organizations often lack both the proper incident response tools and staff trained to use those tools. In this war story, we take a look at what that can mean for rapid response and remediation.

Incident Response War Story

In a recent incident response engagement, a victim of a data breach contacted us regarding the loss of credit card data. This company had received a notification from a Federal law enforcement agency, which, during an investigation, had observed the organization’s IP addresses in relation to stolen credit card data. Further investigations showed that the stolen credit card data had been taken from the organization’s network. The notification had little for the organization to go on, which is typical in this type of situation. Yet,... read more >

NTT Group Unifies the NTT Security Businesses to Form NTT Security Corporation

Mike Hrabik

August 01, 2016 - Posted by Mike Hrabik to Security News

NTT Security

I am extremely excited to let you know that NTT Group has unified the NTT security businesses to form NTT Security Corporation, a specialized security company to deliver Managed Security Services (MSS) and security expertise through the NTT operating companies worldwide. NTT Security will combine Solutionary with NTT Coms Security and the managed security services platforms of both Dimension Data and NTT Communications, all of which will be integrated with the security platform of NTT Group’s R&D arm, NTT Innovation Institute. As a result of the merger, the Solutionary company name will change after August 1 to NTT Security (US) Inc. This name change will allow us to present ourselves as a fully-fledged subsidiary of the NTT Group.

The rationale for this merger is quite simple: together we have an improved ability to deliver what our clients and the security industry have long been asking for – an integrated approach to cutting-edge security solutions... read more >

Fine Tuning Your Environment

Order of operations

Loren Paquette

July 28, 2016 - Posted by Loren Paquette to Security Insight

Sometimes, a little old school math can help restore order when it comes to fine tuning your environment. Let me explain.

Definitions:

Software: Specific, as in OpenSSH
Software version: More specific, as in OpenSSH 6.2
Signature: A known pattern that we are looking for. Typically this affects specific software.
Traffic: For our examples, it will be traffic that either matches a pattern or does not.
Event: An alert that says "Look at me!... read more >

The SERT Q2 ‘16 Quarterly Threat Intelligence Report

Shrinking variety of attacks, inside Business Email Compromises, update on ransomware, perspective on China’s new Five Year Plan, and highlights from PCI DSS 3.2.

Jon-Louis Heimerl

July 26, 2016 - Posted by Jon-Louis Heimerl to Threat Intelligence

The Solutionary Security Engineering Research Team  (SERT) released its Q2 2016 Threat Intelligence Report today.

Solutionary observed a flattening of attack types during Q2 ’16. In recent quarters, web applications made up as much as 42 percent of observed attacks. In Q2 ’16, web application attacks made up 24 percent of such attacks. The top three attack types – web-application... read more >

Advancing Information Security Knowledge: Part 2

Learning from a Mentor

Bryan Pluta

July 21, 2016 - Posted by Bryan Pluta to Security Insight

Board Meeting

In information security, there are so many career niches, so many new information security topics and technologies and so many evolving cyberattacks and breaches. To keep up with the rapidly changing information security field, you can never stop learning. One fantastic method to become more educated is to find a mentor.

How do you find a good mentor?

A good mentor is someone who has patience and is able to explain complex topics in a multitude of different ways to ensure everyone is able to understand. One of the best places to look for a mentor is at your current place of employment. Many people have senior individuals where they are employed that have been in the field for years and can explain highly complex topics. If there is a senior person where you work, try asking them if you can shadow them when they perform specific tasks that you want to learn more about. You can also ask if they can set aside time on a weekly or monthly... read more >

Advancing Information Security Knowledge: Part 1

Becoming a Mentor

Bryan Pluta

July 14, 2016 - Posted by Bryan Pluta to Security Insight

Mentors

Over the last couple of weeks, I have become more involved with training and education as it relates to the information security realm. Finding myself thinking more and more about the need for advancing information security knowledge, I've realized how important becoming a cyber security mentor is to those in need.

Those of us who are more senior and have deep expertise and firm grasp on the concepts and practices relating to information security, have the ability to help others in our field. By becoming a mentor, you can share your security knowledge, help others learn and develop their own skills, create a larger population of skilled people, and ultimately help advance the overall knowledge level in the field.

Mentoring works because it lets one learn from the other person’s successes and – yes – failures. Being a mentor can take a formal route. You can, for example, be an instructor at a college, university, or technical school. You... read more >

Hacking Gift Cards: Part 2

Ways to safeguard against gift card exploitable vulnerabilities

Will Caput

July 07, 2016 - Posted by Will Caput to Security Insight

In my previous blog, Hacking Gift Cards, I outlined how you can get free food by enumerating valid gift cards with Burp Intruder. This blog continues that narrative, but adds in other types of cards and attack vectors. In addition, I’ll illustrate some problems with gift card balance checking, and how gift cards can be easily enumerated without the card holder’s knowledge or permission. In some cases, the security surrounding a gift card is so bad you don’t even need to use Burp Intruder.

Prerequisites:

Burp Suite Professional
https://portswigger.net/burp/

In Hacking Gift Cards Part 1, I discussed six gift cards that had a discernible pattern. Identifying the pattern allowed us to find values on cards that were already sold and had value. In searching for more targets, I... read more >

<< Newer Entries | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Older Entries >>

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)

LATEST TWEETS