What We Can Learn From the Baltimore City Ransomware Attack

From a WSJ article: on May 7th, hackers were able to shut down a number of City of Baltimore computers. They demanded $100k worth of bitcoins to release their stranglehold. On this day that is about 13 bitcoins (the value of bitcoin fluctuates). So Baltimore is refusing to pay, as they should. The ransomware the hackers used …

How Many Companies Are Getting Attacked by China?

It may be hard to trace some attacks to their source, but that depends on the attack as well. We also have to decide what data to use to determine who got attacked. The following data and image are from the FBI report: https://www.ic3.gov/media/annualreport/2018_IC3Report.pdf The answer to the question is that 367 entities were attacked and reported to the FBI in …

Linux Rootkits Hard to Detect

First of all, what is a rootkit? It is a collection of software that runs and tries to hide from the computer's user and administrator while also allowing the attacker access to the computer. It does this by connecting as ‘root’ to the operating system kernel. In Linux, ‘root’ is the administrator. If you can masquerade as …

How About Adversary-Based Threat Analysis?

Another Thotcon presentation was very good and unique, and it moves the industry forward. Julian Cohen presented this idea, “Understanding Your Adversaries”, in his talk “Adversary-Based Threat Analysis”. He explained that in the traditional threat modeling process the following 6 items happen: Identify Assets, Create Architecture Overview, Decompose an Application, Identify the Threats, Document the Threats, Rate …