Blog


"Lose Now, Win Later" Principle in Security

Every decision has a distinct set of consequences. Some outcomes can be predicted with particular certainty — others remain dark to any oracular vision. Over time, the effects of a change or shift to security play out. The measured outcomes often become the deciding factors as to whether the original scions have proven beneficial or…


Credential Dump Collection Automation

In this previous article, it was mentioned at various points that collection should be automated. After a few emails and Slack conversations about it, sharing some approaches to automation seemed in order. Below are several useful ways to leverage Python to collect from the starting credential sources mentioned in the previous article. Python works on…


Credential Dumpster Diving

Credential dumps. Leaked identities. Stuffing lists. Data leaks. The names of the contents change, but the data stays pretty consistent. It is the use, discovery method, and origin of the data that ends up applying the pretty label. Ever been assigned the task to find out what credentials from your company are “out there”? Had…


Apprentice Program Launch

Colin Tepfer, Director of Education: I am pleased to announce the launch of the pilot cohort for the innovative new program from Round Rock, Texas-based CyberDefenses, Inc. – the Cybersecurity Apprentice Program™. Through this exciting new program, we are creating our nation’s next generation of world-class cybersecurity threat hunters. Registered under the US Department…


Clearing a View to NIST 800-171 Compliance

Last year, to help government contractors navigate the uncertainty and complexity around NIST 800-171 compliance, I launched a training and security program with CyberDefenses. It includes monthly online classes and a 500-page System Security Plan (SSP) template, and I’m happy to report that the program is receiving good reviews. The SSP template uses FedRAMP style…


Escalating Threats, Meet Our Growing Threat Hunting Team

Increased cyber security challenges: With some of the largest scale hacks occurring last year, there has never been a better time to pay attention and re-evaluate your defenses. An estimated 111 billion lines of new software code being created every year equates to billions of potential vulnerabilities. There are new estimations that cyber-crime damages will cost the world $6…


CHRIME and Execution

Execution comes last in CHRIME, but it’s far from the end at the same time. Like I’ve mentioned more than once, it can be the beginning, where the steps of the operation performed are a better starting point. I’ve highlighted many times that CHRIME is meant to be flipped or even used in portions to…


CHRIME and Malware

Malware, the scourge of our existence as cyber threat intelligence. It’s the last thing we want to detect in our network and a strong part of our enemy’s arsenal. In fact, commonly when I’m teaching students about malware in our Introduction to Threat Intelligence class, I explain to them that malware is like a firearm. …


CHRIME & Intent

Intent. It’s all about attention, or resolve if you prefer. It’s equally a discussion of focus and the point behind performing an action. Those reasons are key points behind the inclusion of Intent, the “I” in CHRIME, in the first place. It speaks to the “why”, something always asked in the context of an event. …


CHRIME and Reputation

No one lives in a vacuum. Just like the process of living leaves artifacts that point to history, so do the same events leave behind a trail of impacts, of evaluations that we clump together to call reputation. Reputation is the “R” in CHRIME and a key factor in evaluating an event, element or…
