SecurityThreats

How did the Attacker Gain Entry?

Posted on

In the realm of incidence reporting and response Management: CERT has a process to use. One has to have a Computer Security Incident Response Team (CSIRT) A security incident occurs when unwanted scans and attacks are happening. Breaking a security policy is also a security incident.   Of course breaking into a server and stealing data […]

Securityexploits

Dont pick up stray USB hard drives

Posted on

Another social engineering hacking method is to leave USB hard drives for unsuspecting people. NetworkWorld.com article goes into some details of why the USB hard drive is insecure and can be easily programmed with malware (malicious software). This malware can be designed to inject itself into your computer, or a server. and without you knowing it […]

securitycompliance

What systems did the attacker access?

Posted on

Will your company ever ask this question?     Hopefully the FBI does not call you … As Jim Aldridge from Mandiant says in this youtube video the first thing that will happen is the FBI will call you in a somewhat cryptic manner… Tell you the systems that were compromised and what systems compromised them. That’s […]