https://isc.sans.edu/ has a good post on how to do some rudimentary searches… Specifically https://isc.sans.edu/forums/diary/Botnets+spreading+Dridex+still+active/20295/ is the post. The image above is the same image from isc.sans.edu today post, notice how Brad Duncan searched for the Dridex malware with the hash mark, so if there is a suspected malware you are interested in researching that is a great … Read more
When do Wifi attacks Succeed? It depends on your setup Some basics: First of all, change your default admin password (since default admin passwords are on the Internet so that users can manage their WiFi Access points). New access points may look like this: and the support page shows how to access the WiFi … Read more
When we set up a Network we segment the network. The firewall protects the inside network, and the inside network critical systems are separated from the rest of the devices. Also for compliance reasons one needs to segment networks. So the hacker wants to see all the computers… (how?) VLAN hopping. http://www.blackhat.com/presentations/bh-usa-02/bh-us-02-convery-switches.pdf This is … Read more
If set up correctly your Firewall logs will tell you what is most important about your network, your employees, any trojans or viruses that are running in your network, etc. How do we do that in a way that can effectively make a safer network? SANS.org has a great pdf document that discusses this topic … Read more
As other blog posts have mentioned in the past: Schneier: https://www.schneier.com/blog/archives/2013/01/people_process.html http://www.computerweekly.com/blogs/david_lacey/2013/01/we_need_more_use_of_security_t.html Here is the “Security Triangle” People, Process, and Technology. Image from: http://www.business2community.com/online-communities/social-intranets-merging-people-process-and-technology-0126252 Even though the image above is for social media, I like it because it shows the number of items in People that must be behind your new security push. “Security People” … Read more