Malware Analysis
Introduction to Malware Analysis | SANS Lenny Zeltser
Five Awesome Tools to perform Behavioural Analysis of Malware
Apr 19 2019
Malware Analysis
Apr 18 2019
What CISO does for a living
What CISO does for a living by Louis Botha
It’s based on the CISO mindmap by Rafeeq Rehman, updated for 2018 and adding the less technical competencies
[pdf-embedder url=”https://blog.deurainfosec.com/wp-content/uploads/2019/04/CISO-does-for-living.pdf” title=”CISO does for living”]
Download of What CISO does for a living (pdf)
CISO MindMap 2018 – What Do InfoSec Professionals Really Do?
CISO should have answers to these questions before meeting with the senior management.
- What are the top risks
- Do we have inventory of critical InfoSec assets
- What leading InfoSec standards and regulations apply to us
- Are we conducting InfoSec risk assessment
- Do we have risk treatment register
- Are we testing controls, including DR/BCP plans
- How do we measure compliance with security controls
- Do we have data breach response plan
- How often we conduct InfoSec awareness
- Do we need or have enough cyber insurance
- Is security budget appropriate to current threats
- Do we have visibility to critical network/systems
- Are vendor risks part of our risk register
Apr 17 2019
Two-factor authentication: A cheat sheet
A password alone will not protect sensitive information from hackers–two-factor authentication is also necessary. Here’s what security pros and users need to know about two-factor authentication.
Source: Two-factor authentication: A cheat sheet
Apr 16 2019
Google’s location history data shared routinely with police
Law enforcement officials in the US have been routinely mining Google’s location history data for criminal investigations.
Source: Google’s location history data shared routinely with police
Apr 15 2019
Hackers could read non-corporate Outlook.com, Hotmail for six months
Hackers and Microsoft seem to disagree on key details of the hack.
Source: Hackers could read non-corporate Outlook.com, Hotmail for six months
Apr 15 2019
Internet Explorer flaw leaves Windows users vulnerable to hackers — even those who don’t use the browser
A zero-day exploit found in Internet Explorer means hackers could steal files from Windows users. What’s particularly interesting about this security flaw is that you don’t even need to…
Apr 13 2019
Anatomy of a spearphishing attack
Anatomy of a spear phishing attack
You may be wondering what it takes to send this type of attack. This is not trivial, and can only be done by someone trained in advanced hacking techniques. We will first take a look at the steps required to send an attack, and then we’ll look at steps to mitigate this threat. For the (simplified) attack steps we am freely borrowing from a great blog post by Brandon McCann, a well-known pentester.
Apr 12 2019
‘Dragonblood’ Flaw In WPA3 Lets Hackers Easily Grab Your Wi-Fi Passwords
In a research paper titled Dragonblood, published by security researchers Mathy Vanhoef and Eyal Ronen, it has been revealed that WPA3’s secure handshake called Simultaneous Authentication of Equals (SAE), commonly known as Dragonfly, is affected by password partitioning attacks.
Source: ‘Dragonblood’ Flaw In WPA3 Lets Hackers Easily Grab Your Wi-Fi Passwords
Serious flaws leave WPA3 vulnerable to hacks that steal Wi-Fi passwords
Multiple Vulnerabilities in WPA3 Protocol
Apr 11 2019
Half of security pros would rather walk barefoot in a public restroom than use public Wi-Fi
Public Wi-Fi is rife with security risks, and cybersecurity professionals aren’t taking any chances, according to a Lastline report.
Source: Half of security pros would rather walk barefoot in a public restroom than use public Wi-Fi
Apr 10 2019
How to achieve cyber resilience in 7 steps
[pdf-embedder url=”https://blog.deurainfosec.com/wp-content/uploads/2019/04/Cyber-Resilience-in-7-Steps.pdf” title=”Cyber Resilience in 7 Steps”]
Apr 09 2019
LimeRAT spreads in the wild
Cybaze-Yoroi ZLab team spotted an interesting infection chain leveraging several techniques able to defeat traditional security defences and spread LimeRAT.
Source: LimeRAT spreads in the wild
Apr 08 2019
Information Security Policy Templates
SANS offers 27 free #cybersecurity policy templates to help your organization develop and implement #infosec policies.
Free information security policy templates courtesy of the SANS Institute, Michele D. Guel, and other information security leaders.
Source: SANS Information Security Policy Templates
Apr 08 2019
How to protect your business from tax fraud
With the April 15th filing deadline around the corner, cybercriminals are counting on a rushed response to questions to infect potential victims.
Source: How to protect your business from tax fraud
Apr 05 2019
How to completely and securely delete files in Windows
To make sure a deleted file can’t be recovered, you’ll need to use a third-party shredding tool. Here’s a look at three such free programs: Eraser, File Shredder, and Freeraser.
Source: How to completely and securely delete files in Windows
Apr 05 2019
How to avoid document-based malware attacks
Some 59% of all malicious files detected in the first quarter of 2019 were documents, according to a Barracuda Networks report. Here’s how to protect yourself against this growing threat.
Source: How to avoid document-based malware attacks
Apr 03 2019
Hospital viruses: Fake cancerous nodes in CT scans, created by malware, trick radiologists
Researchers in Israel created malware to draw attention to serious security weaknesses in medical imaging equipment and networks.
Source: Hospital viruses: Fake cancerous nodes in CT scans, created by malware, trick radiologists
« Previous Page — Next Page »
