For IT Pros Only

Lets be clear: this is for IT people. Not because IT people are better looking and drive cooler cars than the general populace (which is true: most IT departments look like extras from the set of The Fast and Furious), but because unless you're familiar with things like the dark blackness that grips your soul when you discover that two NICs have the same MAC address on your network - you probably aren't going to appreciate this at all.

Get Your Cards Now
Data Security
pink and purple lights in a dark city

Endpoint Detection and Response (EDR): Everything You Need to Know

Endpoints are a favorite target of attackers – they’re everywhere, prone to security vulnerabilities, and difficult to defend. 2017’s WannaCry attack, for example, is reported to have affected more than 230,000 endpoints across the globe. What is Endpoint Detection and Response (EDR)? Endpoint detection and response (EDR) platforms are solutions that monitor endpoints (computers on the network, not the network itself) for suspicious activity. Coined by Gartner analyst Anton Chuvakin in 2013, EDR solutions focus…
Data Security

The Malware Hiding in Your Windows System32 Folder: More Alternate Data Str...

Last time, we saw how sneaky hackers can copy malware into the Alternate Data Stream (ADS) associated with a Windows file. I showed how this can be done with the ancient type command. As it turns out, there are a few other Windows utilities that also let you copy into an ADS. For example, extract, expand, and our old friend certutil are all capable of performing this ADS trick. For a complete list of these…
Compliance & Regulation
security cameras on a white wall

NIST 800-171: Definition and Tips for Compliance

Do you or does a company you work with deal with the Federal Government? The National Institute of Standards and Technology (NIST) has some important information regarding your important information. NIST 800-171, interchangeably referred to as NIST SP 800-171, went into full effect December 31, 2017: even if you don’t fall under the jurisdiction of NIST SP 800-171, the core competencies are still good data security guidelines. What is NIST 800-171? NIST itself is a…
Compliance & Regulation
privacy policies of tech companies after gdpr

The Average Reading Level of a Privacy Policy

On May 25th, 2018 the European Union’s General Data Protection Regulation, better known as GDPR, became an enforceable law. The policy was implemented primarily to create greater transparency regarding how companies handle personal data, and to enforce stricter requirements around the use and sharing of that personal data. While the regulation pertains to the personal data of EU citizens, the law and fines for misconduct still apply regardless of whether the person is paying for…
Compliance & Regulation

EU NIS Directive (NISD) Holds Surprises for US Online Companies

Last month, a major data security law went into effect that will impact businesses both in the EU and the US. No, I’m not talking about the General Data Protection Regulation (GDPR), which we’ve mentioned more than a few times on the IOS blog. While more narrowly focused on EU “critical infrastructure”, the NIS Directive or NISD also has some surprising implications for non-EU companies not remotely in the business of running hydroelectric plants or…
Data Security

[Podcast] Cyber & Tech Attorney Camille Stewart: Discerning One’...

We continue our conversation with cyber and tech attorney Camille Stewart on discerning one’s appetite for risk. In other words, how much information are you willing to share online in exchange for something free? It’s a loaded question and Camille takes us through the lines of questioning one would take when taking a fun quiz or survey online. As always, there are no easy answers or shortcuts to achieving the state of privacy savvy nirvana.…
Data Security

What is a Whaling Attack?

A whaling attack is essentially a spear-phishing attack but the targets are bigger – hence whale phishing. Where spear-phishing attacks may target any individual, whaling attacks are more specific in what type of person they target: focusing on one specific high level executive or influencer vs a broader group of potential victims. Cybercriminals use whaling attacks to impersonate senior management in an organization, such as the CEO, CFO, or other executives, hoping to leverage their…
Data Security

The Malware Hiding in Your Windows System32 Folder: Certutil and Alternate ...

We don’t like to think that the core Window binaries on our servers are disguised malware, but it’s not such a strange idea. OS tools such as regsrv32 and mshta (LoL-ware) are the equivalent in the non-virtual world of garden tools and stepladders left near the kitchen window. Sure these tools are useful for work around the yard, but unfortunately they can also be exploited by the bad guys. For example HTML Application or HTA,…
Data Security

[Podcast] Cyber & Tech Attorney Camille Stewart: The Tension Between L...

Many want the law to keep pace with technology, but what’s taking so long? A simple search online and you’ll find a multitude of reasons why the law is slow to catch up with technology – lawyers are risk averse, the legal world is intentionally slow and also late adopters of technology. Can this all be true? Or simply heresy? I wanted to hear from an expert who has experience in the private and public…
Data Security

What C-Levels Should Know about Data Security, Part I: SEC Gets Tough With ...

The Securities and Exchange Commission (SEC) warned companies back in 2011 that cyber incidents can be costly (lost revenue, litigation, reputational damage), and therefore may need to be reported to investors. Sure, there’s no specific legal requirements to tell investors about cybersecurity incidents, but public companies are required by the SEC to inform investors in their filings if there’s any news that may impact their investment decisions. Actual cyber incidents or even potential security weaknesses can…
Data Security
how to be an ethical hacker

What Does it Take to Be an Ethical Hacker?

What do you think of when you hear the term “hacker”? If you immediately envision a mysterious figure out to illegally access and compromise systems with the intent to wreak havoc or exploit information for personal gain, you’re not alone. While the term “hacker” was originally used within the security community to refer to someone skilled in computer programming and network security, it has since evolved to become synonymous with “cyber criminal,” a change in…
Data Security

Kerberos Attack: How to Stop Golden Tickets?

The Golden Ticket Attack, discovered by security researcher Benjamin Delpy, gives an attacker total and complete access to your entire domain. It’s a Golden Ticket (just like in Willy Wonka) to ALL of your computers, files, folders, and most importantly Domain Controllers (DC). There’s some instances where an attacker may have had a Golden Ticket for several years: there’s no telling what the attackers were able to steal. They got in through a single user’s…