The most important weapon in your arsenal will be your ability to adapt.
-Batman (Bruce Wayne): Batman and Robin V1 #24
I LOVE to research things. Unfortunately, that constant drive to learn also results in a (perhaps not so) healthy level of paranoia. To that end, I take every precaution a security advisor can with their data while still functioning normally in an advanced society, much less a technical career. Because I also advise those in my life to do the same; I am the “go to guy” whenever anything technical happens to them.
Recently, one of these situations occurred. Someone near to me (Let’s call him Alfred) was following a common piece of guidance, “Frequently check online account statuses,” a few hours before taking his family on a multi-state road trip. Much to his surprise, he discovered 59 transactions with matching international fees, all under $3.00.
... read more >
A Cyber Security Risk on Your Wrist?
Smartphones in the ‘90s, outside of Nokia’s N series, weren’t even a thing. Wearable devices were a leftover trend from ‘80s cyberpunk. Images resembling those depicted in Snow Crash and Neuromancer were things of the imagination, but are now becoming part of daily life. “Goggling in” referenced in Snow Crash is a reality made possible by the new rise in virtual reality products like the HTC Vive and Oculus Rift. People are already carrying around what essentially amounts... read more >
Not All Is Lost When You Lose Your Memory
Some time ago I wrote a blog, Memory: It’s What’s for Dinner, about the importance of capturing volatile data and memory analysis. I also provided an intro for memory analysis in Hunting Malware with Memory Analysis and More Memory Fun. What happens if you are not able to grab memory? Obviously, a full memory capture of the suspect system will give you the best chance at recovering volatile information from the system but if you can’t, not all is lost.
Hibernation and page files contain data that can help put the pieces of the puzzle back together. The hibernation... read more >
May 19, 2016 - Posted by Zach Holt to
These days, it’s difficult to discuss security without mentioning privacy. As the amount of data being collected on everything from social media to advertising to medical records shows no signs of stopping, commercial entities and malicious actors alike increasingly look to these information gold mines as sources of data ripe for the taking. The use of this information can be leveraged in a number of ways, from simple customer demographics to highly targeted advertising campaigns, or even something more malicious. After all, wouldn’t a mailing list of recently hacked retailers make for some potentially vulnerable users?
Partner With Your Security Provider: A Fourth Step in Security
I remember back in the day sitting in a classroom. The teacher would tell us to pick a partner and so we did. We picked our friend, or the person next to us, or the classroom dreamboat. It was simple then, because it wasn’t a terribly difficult task to complete.
As we got older, and hopefully wiser, we were asked to pick a partner to complete a task. This time, with more education behind us, we wanted a teammate that could help us complete the task the best. In other words, we wanted to win.Security Partners want to help you win when securing your environment.
Through a process (whatever it may have been for your organization), you picked your security partner. There are some things you will need to take on together in order to get the best end result. Your partner needs to have the same information you have about your network. This allows a proper customized experience for your specific company and needs. A one-size-fits-all solution doesn’t work as... read more >
I recently had the pleasure of performing a combined Social Engineering and Physical Security Assessment over the course of a national holiday. While my story may not come close to what Solutionary Security Consultants' Tim Roberts or Brent White have enlightened you with, I must say this assessment certainly opens one’s eyes to the challenges that an organization, similar in size to the assessed business, faces when growing rapidly and trying to fit in an Information Security program.
While there are many lessons learned, two top takeaways stand out:
- Having the proper corporate structure is one of the most important components in standing up a successful information security program.
- Perceived security is just that – perceived. As my co-worker Andrew Weed put it: “This is like an M&M – a hard candy shell, soft on the inside.” To some extent he is correct. The amount...
I was especially excited to learn about how Solutionary is participating in the events marking the 5th Anniversary of Joining Forces. A nationwide initiative launched by First Lady Michelle Obama and Dr. Jill Biden, Joining Forces works with the public and private sectors to ensure that service members, veterans, and their families have the tools they need to succeed.
After nearly eight-and-a-half years on active duty, three combat deployments, an overseas tour, and countless training rotations, I know firsthand the challenges that come with transitioning from military life to the civilian sector.
As my military career drew to a close, I was excited about the endless possibilities and what I could achieve as a veteran in a predominantly civilian workforce. I knew the skills that I had learned in the Army –... read more >