38 posts categorized "Cyber Crime"

LMTV Live | Modern Attack Vectors – A Compounded Headache (with Andrew Vladimirov)

EVENT START TIME: 9:30 AM PST - Wednesday, September 5th, 2018

This week we will be talking with Andrew Vladimirov of Arhont Information Security, about the new tricks hackers are using to get their hands on your data and do other nasty things.

Before you implement information security countermeasures, do you know what you are protecting against? Do you understand the actual risks your business faces and the attacker strategies that are used?

Determined and skilled hackers employ a combination of social engineering and technical (client/server/application/database/all 7 OSI layers network) attack means, which they interchange depending on how events unfold and where the next available gap can be found. Until you fully understand how attackers combine these methods and how the combinations create compounded risks, you will continue building virtual Maginot lines and gasping at being outflanked yet another time.

In this LMTV session we will discuss how hackers combine social engineering and technical attacks to make the attacks that are the most devastating and difficult to protect against today. We will suggest ways you should start planning against these.


Mapping Network Security Resilience To The NIST Cybersecurity Framework (by Keith Bromley)

On May 11, 2017 President Trump issued his Presidential Executive Order 13800. As part of this executive order, all government agency heads will be held accountable for implementing solutions and managing the risks associated with threats to our nation’s cybersecurity and thus must take immediate action to review cybersecurity protocols in order to upgrade each department’s IT infrastructure. Furthermore, the executive order mandates the use of the NIST Framework for Improving Critical Infrastructure Cybersecurity within government agencies.

The NIST Framework for Improving Critical Infrastructure Cybersecurity provides a common language for understanding, managing, and expressing cybersecurity risk. This framework is built upon concepts to organize information, enable risk management decisions, address threats, and improve through lessons learned.

The foundation of these concepts is aligned within five core functions:

  • Identify
  • Protect
  • Detect
  • Respond
  • Recover

A new whitepaper from Ixia (a Keysight Business) called Deploying a Layered Visibility and Cybersecurity Architecture provides an overview of how to combine a visibility architecture with a security architecture to address the NIST architecture. The following excerpt provides a short overview of how to accomplish this. A full discussion of the subject is contained within the whitepaper.

Review the foundation concepts -



Searching for a Protocol Solution to Phishing (by Nalini Elkins)


Phishing and other social engineering attacks are a large problem for enterprises. You may wish to look at Wikipedia for the data breach at the Office of Personnel Management (OPM) at https://en.wikipedia.org/wiki/Office_of_Personnel_Management_data_breach. This breach released personal information including the names, addresses, and social security numbers of millions of federal employees and contractors. The breach was most likely a result of a successful social engineering attack.

Yet, we are at the very beginning of what might happen. We may look back on these days as the days of innocence. Today, when you get a phishing email from someone telling you that you have won millions of dollars in a lottery that you never entered or a request from someone in a distant country to help them with their inheritance, you laugh (or grimace) and wonder why the spam blocker is not working.

Things are changing - 



A Wi-Fi Router as a Witness Device! (by Daniel Arrugueta)

Note: attached is the full document in .pdf format and is awesome reading for forensic investigators!

Download A WiFi Router as a Witness Device Full Document!

Witnesses often are crucial elements in solving and prosecuting criminal or civil violations.  We now regularly use data that various technologies record. Digital witness devices provide a source of largely unbiased and dependable information to the investigator and prosecutor. However, many often ignore or do not even recognize commonly available electronics as potential witness devices.  One such device is the wireless router found in most homes and businesses.

As with any witness, some sort of vetting and consideration is wise. Reliability, bias, memory, physical abilities, etc., all can be factors that play roles in the use of digital witness devices and the use of their data. Whether you consider data from digital cameras, microphones, cell phones, computers, or Wi-Fi (wireless) routers, you should approach each with an open eye and determine clearly what each actually offers to your investigation. Data typically is reliable; how you interpret and present that data is key to its ultimate usefulness.



Would You Rent Out Your Personal Info (by Tony Fortunato)

Think about how much personal information you currently have in your phone’s contacts or address book.

We all have the following in our address books: addresses, phone numbers, birthdays, etc. I remember when cell phones were first introduced and there were constant warnings not to put sensitive information on your phone. Those warnings seem to be far fewer since people rely on their phone’s security features to protect access, features ranging from screen locks to the ability to ‘wipe’ your personal and sensitive data if your phone is stolen.

How would you feel if someone had access to the information in your contacts or address book without touching your phone or compromising your cloud account where it may be backed up?

Have I got a story for you…

Last week I was on the road and when I picked up my rental car, I noticed something odd.

I tried to pair my phone to the car’s Bluetooth, but couldn’t because the maximum number of devices was already paired. I verified that there were many other devices that were paired. Out of curiosity, I checked the contact list in the car and, in between regular entries, saw some fairly personal entries like trading account info, security codes, school login, bank stuff, website login... yikes!!!
