Category Archives: Data Security

[Podcast] Cyber & Tech Attorney Camille Stewart: Discerning One’s Appetite for Risk

We continue our conversation with cyber and tech attorney Camille Stewart on discerning one’s appetite for risk. In other words, how much information are you willing to share online in exchange for something free? It’s a loaded question and Camille takes us through the lines of questioning one would take when taking a fun quiz or survey online. As always, there are no easy answers or shortcuts to achieving the state of privacy savvy nirvana.…

What is a Whaling Attack?

A whaling attack is essentially a spear-phishing attack but the targets are bigger – hence whale phishing. Where spear-phishing attacks may target any individual, whaling attacks are more specific in what type of person they target: focusing on one specific high-level executive or influencer vs. a broader group of potential victims. Cybercriminals use whaling attacks to impersonate senior management in an organization, such as the CEO, CFO, or other executives, hoping to leverage their…

The Malware Hiding in Your Windows System32 Folder: Certutil and Alternate Data Streams

We don’t like to think that the core Windows binaries on our servers are disguised malware, but it’s not such a strange idea. OS tools such as regsvr32 and mshta (LoL-ware) are the equivalent in the non-virtual world of garden tools and stepladders left near the kitchen window. Sure, these tools are useful for work around the yard, but unfortunately they can also be exploited by the bad guys. For example HTML Application or HTA,…

[Podcast] Cyber & Tech Attorney Camille Stewart: The Tension Between Law and Tech

Many want the law to keep pace with technology, but what’s taking so long? A simple search online and you’ll find a multitude of reasons why the law is slow to catch up with technology – lawyers are risk averse, and the legal world is intentionally slow and a late adopter of technology. Can this all be true? Or simply heresy? I wanted to hear from an expert who has experience in the private and public…

What C-Levels Should Know about Data Security, Part I: SEC Gets Tough With Yahoo Fine

The Securities and Exchange Commission (SEC) warned companies back in 2011 that cyber incidents can be costly (lost revenue, litigation, reputational damage), and therefore may need to be reported to investors. Sure, there are no specific legal requirements to tell investors about cybersecurity incidents, but public companies are required by the SEC to inform investors in their filings if there’s any news that may impact their investment decisions. Actual cyber incidents or even potential security weaknesses can…

What Does it Take to Be an Ethical Hacker?

What do you think of when you hear the term “hacker”? If you immediately envision a mysterious figure out to illegally access and compromise systems with the intent to wreak havoc or exploit information for personal gain, you’re not alone. While the term “hacker” was originally used within the security community to refer to someone skilled in computer programming and network security, it has since evolved to become synonymous with “cyber criminal,” a change in…

Kerberos Attack: How to Stop Golden Tickets?

The Golden Ticket Attack, discovered by security researcher Benjamin Delpy, gives an attacker total and complete access to your entire domain. It’s a Golden Ticket (just like in Willy Wonka) to ALL of your computers, files, folders, and most importantly Domain Controllers (DC). There are some instances where an attacker may have had a Golden Ticket for several years: there’s no telling what the attackers were able to steal. They got in through a single user’s…

The Malware Hiding in Your Windows System32 Folder: Mshta, HTA, and Ransomware

The LoL approach to hacking is a lot like the “travel light” philosophy for tourists. Don’t bring anything to your destination that you can’t find or inexpensively purchase once you’re there. The idea is to live like a native. So hackers don’t have to pack any extra software in their payload baggage to transfer external files: it’s already on the victim’s computer with regsvr32. As I pointed out last time, there’s the added benefit that…

[Podcast] I’m Sean Campbell, Systems Engineer at Varonis, and This is How I Work

In April of 2013, after a short stint as a professional baseball player, Sean Campbell started working at Varonis as a Corporate Systems Engineer. Currently a Systems Engineer for New York and New Jersey, he is responsible for uncovering and understanding the business requirements of both prospective and existing customers across a wide range of verticals. This involves many introductory presentations, proof of concept installations, integration expansion discussions, and even the technical development of Varonis…

The State of CryptoWall in 2018

CryptoWall and its variants are still favorite toys of the cybercriminals that want your Bitcoin. In fact, according to the 2018 Verizon Data Breach Investigation Report, ransomware incidents now make up about 40% of all reported malware incidents! Some reports say CryptoWall 3.0 has caused over 325 million dollars in damages since it first came on the scene. CryptoWall first appeared in the wild around 2014: since then, cybercriminals have updated and iterated on it…

Best Practices for SharePoint Permissioning

SharePoint is Microsoft’s enterprise-class environment for sharing content: documents, presentations, spreadsheets, notes, images, and more. While SharePoint has many advantages over a raw file system in terms of content management, access to the content still has to be permissioned. SharePoint has its own permission types (view-only, limited access, read, contribute, and more) that can vary by the types of objects (lists, sites, etc.). For a complete list of all the SharePoint permissions and what they…