APT

The Realm of Threat Intelligence – It’s all about the Packets, or is it?

Full Packet Capture (FPC), those three little words are enough to make most security analysts salivate at the prospect of finding and detecting attacks. Back in the days before anyone realized that you could build an Intrusion Prevention System to actually stop attacks, the Intrusion Detection System was king. If you were very lucky you…

Defend the Kingdom – My Final Thoughts

Episode #6 of Defend the Kingdom, “Ghost in the Machine”, brings to a close the dramatic battle between good and evil in both Marty’s imagination and his daily work as a security “hunter”. The episode reveals a highly skilled, persistent, maniacal adversary bent on the Kingdom’s ultimate destruction. In Marty’s alter-universe, he sees this as an…

E6 – Ghost in the Machine – Curtain Call

The Hunter’s horse panted heavily and churned up dust as it raced down the dirt road towards the Frontier.  The moonlight glanced off the swirling clouds of powder in the horse’s wake.  The Hunter gritted his teeth as the horse careened around a corner. His mind raced.  He wondered if he would make it in…

E6 – Ghost in the Machine – No Longer Fun and Games

Dave Reinhardt, gritty, determined, wizard of MagnaCorp security, arranged his notes on the conference room table once more.   He sat alone briefly while the team took a break.  As he arranged the pages for his upcoming briefing to his fellow executives, he paused to look around the room.  The whiteboards of the breach war room…

E6 – Ghost in the Machine – Phantom Tracks

The Ghost exited the massive wagon nodding at the Guard as he passed. His trips to the wagon had been spaced out such that he knew each Guard had only seen him minimally. Once he had figured out the rotation of the guards’ schedules, it took only patience and time to determine the frequency and…

E6 – Ghost in the Machine – Honey, I’m Home

Greg and Marty exited the data center and made a beeline to their cubicles. Their smug looks made it apparent they were up to no good and enjoying it. They had just left their partners in crime – Erin and Carl – with a laundry list of To Dos. Erin and Carl were now busily…

E5 – The Flies and the Hornet – Technical Dialogue

Episode #5 of Defend the Kingdom, “The Flies and the Hornet”, begins with Marty briefing Dave Reinhardt, the CISO, on a significant compromise of MagnaCorp’s security. Improper logins, remnants of cracking utilities and other evidence clearly indicate a serious problem. The source of the intrusion, while still unknown at this time, points towards a nefarious…

E5 – The Flies and the Hornet – The Hornet’s Sting

The Ghost waited patiently on a hill overlooking the castle and contemplated his last few days.  His journey from the Frontier had been eventful.  Hiding from shadow to shadow, he had traversed the miles with deliberation and an overabundance of caution from his first entry into the Kingdom.  Abandoned hunting shacks, ancient caves, run down…

E5 – The Flies and the Hornet – Swatting Flies

“How’s it coming?”  Marty entered Erin’s office unannounced.  They had spent so much time shuttling back and forth between his desk and her office that they dropped all formalities and decorum. Erin looked up from her screen.  “Swatting flies,” she said wearily. ‘Swatting flies’ had become their slogan as they tracked down compromised accounts and…

Does DDoS Takedowns Really Change Extortion Rules of Engagement?

The proliferation of account takeovers, DDoS attacks, ransomware and outright cyber extortion targeting individuals and institutions is not only disrupting the hack attack landscape, but also raising questions around our rules of engagement. How are we supposed to deal with all of this knowing the bad guys aren’t playing by the same rules that we…