Getting Social with CRITs

It’s all about relationships. That’s a truism in social situations and in CRITs. In fact, go ahead and think of CRITs as a social animal. CRITs allows you to connect pretty much every top level item (TLO) and many sub-items via relationships, and to describe that connection in CybOX terms. While I’m…

Cloak and Dagger Subterfuge

If you haven’t become concerned about putting off patching and reviewing user permissions in the wake of WannaCry and EternalRocks, then perhaps you should reexamine your risk assessment and management model. Patches of any kind are always inconvenient, especially if you are of any size or distribution of forces. Critical patches are even…

YARA Shenanigans and Other Jokes

If it hasn’t become obvious, I have a great appreciation for YARA. So I keep my eye on articles about it, both good and bad. It’s rare that you see a bad one, since it’s tough not to appreciate what it can do. Occasionally, though, something profound and funny comes running to your door to…

Announcing 1-Day Deep Dive Courses

CyberDefenses is very excited to announce the availability of a 1-Day Deep Dive series of courses. These new classes each provide students with an immersive experience in a topic that is extremely important within cyber security. In each of these classes, our expert instructors go much deeper than a typical introduction, providing the student…

Samples and Analysis with CRITs

A powerful function of CRITs is handling, managing and organizing the results of working with sample files. Whether as a function of threat intelligence research, dealing with service tickets or incidents, juggling samples is always a requirement. CRITs helps this process by providing a place to contain samples as well as automated and on-demand processing…

Are You an Interesting Target?

Are you an interesting target?  In the rack and stack of threat intelligence, the tactics used by an adversary are illuminating.  It’s easier to flip the toggle and switch in and out atomic indicators than to flip over the way you do business.  It’s a matter of investment.  That domain?  Pffftt.  No problem.  The method…

Are you NIST 800-171 ready? The clock is ticking…

If you are a U.S. federal government contractor (or anyone else who touches CUI), you’re probably aware of NIST SP 800-171. If not, you certainly should be – and fast. One of our newest services is a program that helps contractors understand the requirements in detail, assess where you stand relative to compliance, and then…

Rats in the walls (and in your network)

Ever had an inspector tell you that you have rats in your walls? Granted, it’s not likely to be something you’ll want to widely admit, but it happens–no matter how clean, how affluent, or how prestigious you might be. All it takes is the confluence of the right factors. Just add kids, left over…

Petya 2017: Are we looking at ransomware or cyber attack?

By Monty St. John & Chris Rogers

The attack began small, but rapidly got everyone’s attention. It didn’t take long in the first hours of Tuesday’s attack for it to become pretty clear that Ukraine was the epicenter of the strike. In fact, more than half of the reports of new “Petya” malware were located…

WannaCry – Can We Really Call It a New Thing?

Plenty has been said out there about WannaCry, including on this blog (post and post). At its heart, it’s less ransomware than a worm exploiting a Windows OS vulnerability that looks to the network to infect even more computers. In fact, it was overwhelmingly successful, much more so as a worm than anything remotely as…
