Years ago I sat in my first network security class learning all about the OSI model, the operation of TCP/IP, port and protocols, and many other interesting topics. One of the main take-aways was to always segment your network for…
The HTTP protocol has long been used by bad guys as an infection vector, command and control channel, and of course data exfiltration. The countermeasure most organizations use to mitigate this attack path is a proxy server that monitors outgoing…
For the past few years there has been a big focus on attributing attacks. The government has always been in the game (but obviously keeping it close to the vest) and recently vendors have been getting into the action for…
While taking part in the most recent SANS CTI Summit via Twitter, I was introduced to the Detection Maturity Level (DML) model created by Ryan Stillions (@ryanstillions) back in 2014. The model still stands as one method of measuring your…
An update to one of our favorite network forensics tools has just been released. Whether it is a network challenge or real-world incident, NetworkMiner can help you carve through PCAP content fairly easy. The new version of NetworkMiner adds a…
Looks like the White House is looking to fill a CISO position finally… Don’t forget … please list NovaInfosec.com as the referral if you decide to apply. And if you are a company representative that is interested in posting your…
My favorite shortened URL expander, UnMaskURL.com, stopped working recently. I’m not sure if it has been abandoned or if some maintenance just needs to be done. @evilfingers created this site years ago and I am thankful for the time and…
In case you haven’t heard, The Shmoocon Group just announced the release of this year’s Shmoocon videos to Archive.org. With a host of talks I thought I would provide my picks if you are looking for somewhere to start. At…
It looks like the next version of this great tool has been released. It can be a little frustrating to configure but time and time again my pen tester associates say EMET is one of the top controls that stop…
I’ve been thinking about this one for a while given all the breaches over the past few years – including a nod to Johnny Cochran of OJ Simpson murder trial fame and his artful catchphrase – “If it doesn’t fit,…