Welcome to another edition of our Weekly Rewind – where we summarize all our posts from the last week. The top stories this week were 3) “Expanding Shortened URLs”, 2) “NetworkMiner 2.0 Released” and 1) “Grecs’ Top 5 ShmooCon 2016 Video Picks”. If you missed anything or happened to be offline, we hope you find this summary post useful as a quick reference. A la Schneier … you can also use this rewind post to talk about the security stories in the news that we haven’t covered.
Krebs’s 3 Basic Rules: What do you say when a non-technical friend or family member asks you how to stay secure on the Internet? My answer is usually to go search for Brian Krebs’ 3 basic rules. Although he is known for researching ATM skimmers, exposing pharmaceutical scams, crushing small bank transfers/money mules, and discovering massive breaches, one of the more unique resources Brian maintains is a page dedicated to helping non-technical users stay safe on the Internet. This resource, “Krebs’s 3 Basic Rules for Online Safety,” stresses a few simple guides we can pass along to our non-technical family and friends. (continued here)
QOTD: If You Can’t Protect, Then Don’t Collect: I’ve been thinking about this one for a while given all the breaches over the past few years – including a nod to Johnnie Cochran of OJ Simpson murder trial fame and his artful catchphrase – “If it doesn’t fit, you must acquit.” Additionally, industry experts have been making similar rumblings the past few months. (continued here)
EMET 5.5 Released: It looks like the next version of this great tool has been released. It can be a little frustrating to configure, but time and time again my pen tester associates say EMET is one of the top controls that stop them dead in their tracks. So spend the extra time and get this valuable tool set up in your enterprise. (continued here)
Grecs’ Top 5 ShmooCon 2016 Video Picks: In case you haven’t heard, The Shmoocon Group just announced the release of this year’s Shmoocon videos to Archive.org. With a host of talks I thought I would provide my picks if you are looking for somewhere to start. (continued here)
Expanding Shortened URLs: My favorite shortened URL expander, UnMaskURL.com, stopped working recently. I’m not sure if it has been abandoned or if some maintenance just needs to be done. @evilfingers created this site years ago and I am thankful for the time and energy he has put into developing and maintaining a resource like this. So with UnMaskURL.com down, what are some other shortened URL expanders out there? (continued here)
NetworkMiner 2.0 Released: An update to one of our favorite network forensics tools has just been released. Whether it is a network challenge or real-world incident, NetworkMiner can help you carve through PCAP content fairly easily. The new version of NetworkMiner adds a bunch of new features, including file extraction from SMB write operations, a parser for SMB2, more SCADA commands, and a PLC parser. (continued here)
The DML Model: While taking part in the most recent SANS CTI Summit via Twitter, I was introduced to the Detection Maturity Level (DML) model created by Ryan Stillions (@ryanstillions) back in 2014. The model still stands as one method of measuring your organization’s intelligence maturity in detecting and responding to attacks. (continued here)
Hope everyone had a wonderful week! Have a great weekend!