Not Your Average Cyber Attack

I recently attended an industry conference.  During a break, I chatted with a group of attendees and learned something eye-opening.  The purpose of many cyber attacks is not necessarily to obtain intellectual property, PCI or PII data; many times, it’s to devalue a company by making small changes that impact management decisions and revenue.  Even…

Secure Crypto: TLS 1.3 – Authentication and Encryption

The TLS Working Group in the IETF is working on specifying a new version of the TLS protocol: TLS 1.3. One improvement being included is targeted at preventing CBC padding attacks such as the padding oracle, BEAST and Lucky Thirteen. TLS 1.0 was found to be vulnerable to a padding oracle attack. An attacker sends packets…

Enduring User Authentication: You Should Be Reimagining Your Strategies

There are two distinct meanings of the word “endure,” both of which are highly appropriate in the context of the current state of user authentication: to suffer patiently with the current state of something, and to last for a long time to come. The current state of user authentication—which continues to be dominated by traditional usernames…

The Targeted Forensics Series: Confirming Remote Desktop Connections (Part 2 of 2)

As an ACD consultant at RSA, one of my goals is to get our clients to focus on incident investigation and not just resolution. Of course this is easier said than done, and of course there are many different ways to do so, but one component I always recommend is performing Live Response/Targeted forensics. This…

Things that go Bump in the (Cyber)Night

A little verse, in honor of Halloween.   It was a dark and stormy night and all through the network ghostly ghouls and scary creatures around each byte lurk.   Zombies crash through the firewall and Monsters infect machines Goblins eat up data, Yikes! it is such a horrible scene.   We find our heroes…

Why a User-centric Identity System Is Fast Becoming a Requirement

Current systems make it challenging (if not impossible) to use one set of credentials across multiple services. As a result, users are required to have multiple username and password combinations to access different applications and services, each of which has its own requirements regarding password strength and expiration periods. Users are challenged to remember so…

Secure Crypto: TLS 1.3 – A New Beginning

The Transport Layer Security (TLS) Working Group of the IETF has taken on the task of specifying a new version of the TLS protocol. There have been a number of attacks against TLS reported in the last few years: Renegotiation Attack, BEAST, CRIME, BREACH, RC4 Attack, Lucky Thirteen, Truncation Attack, and Triple Handshake Attack. TLS…

The Targeted Forensics Series: Confirming Remote Desktop Connections (Part 1 of 2)

As an ACD consultant at RSA, one of my goals is to get our clients to focus on incident investigation and not just resolution. Of course this is easier said than done, and of course there are many different ways to do so, but one component I always recommend is performing Live Response/Targeted forensics. This…

Navigating the Business Challenges of Identity Lifecycle Management

Managing the identity lifecycle is essential for ensuring the security and privacy of business data. The identity lifecycle management continuum encompasses managing user identities and access rights when users join an organization, ensuring that changes to roles and responsibilities are accounted for during their employ, and making sure that all access rights are terminated when…

What is the Internet of Things? And Why is Securing it so Important?

In the past few months, we’ve all likely heard a great deal about the “Internet of Things” (IoT), along with plenty of hype about how it’s going to revolutionize so many aspects of our lives. Smart light bulbs! Internet-connected refrigerators! A digital mesh of autonomous cars! Like many overly hyped ideas, of course, reality is…