-
Mar 25, 2016
4 Step Guide to Managing Network Share Permissions
Setting up network file sharing is one of those core IT practices that every Windows admin knows about and has implemented as part of their daily work. The basic mechanics...
David Gibson
6 min read
-
Mar 17, 2016
There’s Something About Frameworks: A Look at HITRUST’s CSF
Repeat after me: frameworks are not standards. They are instead often used as a guide to navigate through the underlying standards. There are lots of frameworks cropping up in the...
Michael Buckbee
2 min read
-
Mar 08, 2016
With KeRanger, Mac Users Are No Longer Immune to Ransomware Threats
Cybercriminals who previously targeted Windows operating systems with ransomware have expanded their customer base to include the Mac OS. Known as KeRanger, it’s the first ransomware variant detected that infects...
Michael Buckbee
1 min read
-
Mar 03, 2016
Penetration Testing Explained, Part VII: Exfiltration and Conclusions
In this series of posts, I covered ideas to get you started using basic testing software to find security vulnerabilities. There are more advanced tools, such as Metasploit, which lets...
Michael Buckbee
4 min read
-
Feb 17, 2016
Entrepreneurial RATs: AlienSpy and TaaS (Trojans as a Service)
When I wrote about Remote Access Trojans (RATs), I thought they were like the mousetraps of the hacking world — it’s hard to improve on. RATs let hackers get a...
Michael Buckbee
2 min read
-
Feb 09, 2016
Lessons from the Malware Museum
If you haven’t already seen Mikko Hypponen’s collection of vintage malware at the Internet Archive, take the time for a brief tour. If you’re on a lunch hour, it’s also...
Michael Buckbee
2 min read
-
Feb 05, 2016
New Updates to the CIS Critical Security Controls
If you haven’t already heard, the Top 20 Critical Security Controls has a new name. Last year, after the Center for Internet Security(CIS) integrated with the Council on Cybersecurity, the...
Michael Buckbee
5 min read
-
Jan 21, 2016
Social Engineering Remains a Top Cybersecurity Concern
In 2016, the top cyberthreat for IT pros, at least according to ISACA’s Cybersecurity Snapshot, is social engineering. It has always been a classic exploit amongst the hackerati. But in...
Michael Buckbee
3 min read
-
Jan 18, 2016
Current Privacy Risks in Genetic Testing
The idea of taking a direct-to-consumer(DTC) genetic test is intriguing. What was once considered an expensive test that could only be performed in a medical environment can now be purchased...
Michael Buckbee
3 min read
-
Jan 10, 2016
Varonis Seven Part Guide to Penetration Testing
Our sprawling pen-testing series has taken on a life of its own! For your convenience and blog reading pleasure, we’ve assembled all the links to this six seven part series below....
Michael Buckbee
1 min read
-
Jan 06, 2016
Penetration Testing Explained, Part VI: Passing the Hash
We’re now at a point in this series where we’ve exhausted all our standard tricks to steal credentials — guessing passwords, or brute force attacks on the hash itself. What’s...
Michael Buckbee
2 min read
-
Jan 05, 2016
Varonis and the Building Security in Maturity Model (BSIMM)
With major security threats and vulnerabilities making headlines daily, it’s good to hear there’s now a way for organizations to share experiences and strategically work together. Through the Building Security...
Michael Buckbee
6 min read