Introduction Zero Trust security is a new way of thinking about network security. It’s not just a buzzword; it’s a full-fledged, holistic approach to protecting your organization. But what does all that mean? Let’s break it down with some analogies and examples: The Zero Trust Model The Zero Trust Model is a security model that… Read More »What is Zero Trust?
Ransomware was a small threat until 2011 when WinLock appeared on the scene. This variant targeted people in Russia primarily by locking their computer and demanding payment via a nearby convenience store to unlock it again. The malware made headlines as one of the first pieces of malware to use an “asynchronous” payment system, which required victims to purchase prepaid cards at local stores in order to pay off their ransom (a practice still used today by many ransomware variants).
Introduction The networking world is ever-changing. The internet is a vast place and the threats that lurk there are growing in number every day. In order to keep your network safe from those threats and other attacks, you need to know what’s on it. That means knowing what devices are connected to your network,… Read More »Are you aware of your network surroundings?
Introduction Understanding the different types of threat intelligence levels is important when discussing the advancement of any organization. It’s more than just collecting and compiling data. The purpose of threat intelligence is to use analytical methods and indicators to detect threats and vulnerabilities, then give advice on how to handle them. Strategic threat intelligence Tactical… Read More »Understanding the different levels of threat intelligence
RapperBot is a distressing new application that can ruin your day if it happens to get onto your server. It infiltrates SSH servers and causes all sorts of mayhem. It changes passwords, adds users, and does many other terrible things. If you run an SSH server at home or for business and are concerned about… Read More »Protect against malicious RapperBot malware
Encryption is the process of encoding data so that only authorized users can access it. Encryption is used to protect sensitive information and prevent it from being accessed or modified by unauthorized parties. Symmetric Encryption Symmetric encryption uses the same key for both encryption and decryption. This means that the sender and receiver must have… Read More »What Are The Differences In Encryption?
Introduction A Security Information and Event Manager or SIEM is a system that allows you to monitor all of your log data and alerts in real time. It provides a centralized location for security operations, allowing you to see what’s happening across your entire organization without having to check multiple disparate tools. This means that… Read More »What benefits will a SIEM give me
Introduction A penetration test is a process used to assess the security of a network, web application, API or mobile application. It involves probing the target’s defenses and attempting to achieve unauthorized access. The goal is to determine vulnerabilities and pinpoint weaknesses in order to improve the overall security posture of your company’s systems. These… Read More »What to expect with a Penetration Test
Introduction The goal of any incident response plan is to quickly detect and mitigate an incident. To do this, you need to have a comprehensive plan in place that involves preparedness, establishing a team, creating an incident response timeline, and providing training. Prepare for the worst This is one of the most important steps in… Read More »How to handle an Incident Response
As a security professional, I find myself doing more malware removal from websites that are run using either WordPress, Joomla or Drupal. Most of what I find are PHP files that are riddled with base64 code. This code is great for threat actors to hide their invasive malware from malware scanners. I want to show you how to find this code and show what is hidden in your PHP files.