Exploitation of the Microsoft® Dynamic Data Exchange (DDE) protocol is increasingly being used to launch malicious code in weaponized email attachments. A native feature in Microsoft, DDE allows data to be pulled from other sources, such as updating a spreadsheet from an external database. As with many features, DDE can be leveraged for malicious purposes. […]
Organizations are faced with threats that range from annoyances to more sophisticated threats crafted by an adversary with intention and forethought on their objectives. The prevalence of exploit kits and malware and botnet toolkits being shared by bad actors across the Internet and Dark Net makes it easier for actors to build more sophisticated threats. […]
Machine learning, or artificial intelligence (AI), is the most recent buzzword making its way around the cybersecurity community as a way to up-level and advance security capabilities. As threats become more sophisticated, machine learning IS needed; however, not every product touting itself as AI is just that. How can organizations determine if a product leverages […]
Companies face such a large and diverse cyber threat landscape that it seems almost impossible to manually review all known threats, let alone guard against them. With the potential of having to sift through tens of millions of new threat intelligence data points every day, automation-assisted cyber threat management is on the rise. However, the question […]
In the past few weeks, a new strain of self-propagating ransomware dubbed BadRabbit emerged via infected media and government websites, primarily located in Russia and Ukraine. This strain of malware is being closely compared to WannaCry and NotPetya for how it’s infected and impacted organizations. BadRabbit is delivered via drive-by download from sites infected […]
For those of you building proactive cybersecurity programs, this blog will cover some tips that I hope will help you determine how your security teams can increase the cost on the adversary when those actors attack your organization. Today, threat hunting encourages a more proactive approach to cybersecurity defense tactics. It requires enhancements to the […]
Clickjacking, also known as a “UI Redress Attack,” is a tricky method of getting a user to click on something other than the intended item. Threat actors implement this method by placing buttons or links in front of legitimate items within your view of a web page. In some circumstances, this approach can be used […]
We all know that a strong password is a necessary first step for good cyber hygiene. However, in 2016, 81% of hacking-related breaches leveraged stolen and/or weak passwords. With numbers like these, it’s no wonder that password-cracking attacks are some of the most used among hackers looking to breach a network.
In many respects, Threat Intelligence (TI) programs are still in their infancy, and security professionals are still struggling to put these programs together. To help security professionals who strive to build successful TI programs, I recently held a webinar series, “Success Factors in Threat Intelligence,” that described a comprehensive business and technical approach to the justification, definition, design, and execution of TI programs.