Many modern forms of malware are now file-less and rely on Command & Control (C2) infrastructure to assist outsiders with gaining unauthorized access to networks. This malware “phones home” to remote attackers, who then leverage the internal foothold to infiltrate networks and execute attacks. These attacks can be difficult to detect when security monitoring is[…]
One of the biggest threats facing enterprises is outsiders plugging directly into an Ethernet port and being granted instant, unauthenticated access to the network. This threat is especially common in hospitals, where there is heavy use of computer systems mixed with untrusted outsiders roaming the halls. Shutting down unused ports is the traditional mitigation. Still[…]
In March 2019, risk3sixty will be hosting the SANS MGT414 training program for CISSP Certification.
This course is an accelerated review course that is specifically designed to prepare students to successfully pass the CISSP® exam.
Developing a cyber security baseline can be daunting. Oftentimes the burden falls on the Chief Information Officer or Chief Technology Officer. Before implementing any tools or assessments, management should establish a security baseline.
Bottom Line Up Front: Security researchers have publicly disclosed the details of CPU design flaws that are the result of design decisions made industry-wide more than a decade ago to speed up processing and allow a computer’s processor to access information before it was needed. The resultant vulnerabilities, Meltdown and Spectre, both exist outside[…]
This past week I completed the SANS SEC560 – Network Penetration Testing and Ethical Hacking course at the SANS Cyber Defense Initiative in Washington DC. With the experience fresh on my mind, I wanted to share my impressions with others considering SANS training. A Quick Overview of the SANS 560 Class Experience Curriculum Overview SANS[…]
This week, Belgian security researcher Mathy Vanhoef released a research paper documenting his discovery of a serious weakness in the WPA2 wireless protocol, which is used to secure all modern protected Wi-Fi networks. The exploit uses a technique called a Key Reinstallation Attack (or KRACK for short), which exploits a weakness in the way that[…]
The Windows IT Administrator tends to be the most high-risk user in the organization. IT Administrators have the potential to perform everyday user tasks with domain admin level accounts; they are most likely to have the ability to use external media in their PCs freely; and, even in the case where the admin user is thoughtfully[…]
Our team was recently tasked with developing an audit plan for Microsoft Office 365. While there are plenty of tools available to assist organizations with performing ongoing audits of user privileges and object permissions in Microsoft Office 365, we were hard pressed to find any solid thought leadership on auditing Office 365 beyond user and[…]
In 2015, Symantec was caught issuing improperly signed cryptographic certificates which could be used to break HTTPS and put internet users at risk. Some of the improperly issued certificates were issued to Google-owned domains, which, if used maliciously, could allow for impersonation of HTTPS-protected Google websites. Understandably, Google was very upset and responded[…]