Posts By Jean-Paul Bergeaux

Mar 09, 2016 By Jean-Paul Bergeaux In Blog

Today’s Hackers are High Tech Conmen. Plan Your Security Strategy Accordingly.

Today’s security strategies are predicated on attacks being technology based. Even after dismissing perimeter defense as passé, vendors point to end-point defense, east/west containers, internal network defense, catching Indicators of Compromise (IoCs) early, pitting our technological defenses against the hackers.  In fact, a key factor for...


Jan 28, 2016 By Jean-Paul Bergeaux In Blog

Your security infrastructure doesn’t cover mobile use

For many workers, a laptop is essential for them to be productive when away from the office. They take their laptops on travel. They bring them home in the evenings and on weekends, perhaps to catch up on work or be on call to handle emergencies.  A new report by CYREN highlights how attackers are using the habits of remote and mobile workers...


Dec 09, 2015 By Jean-Paul Bergeaux In Blog

Solutions for Endpoint Problems: Digging into MeriTalk’s Federal Survey

Palo Alto Networks has been working hard to solve agencies’ endpoint problems with Traps™, its new next-generation endpoint product.  It’s a good product to look at. Recently, the Palo Alto Public Sector team hired MeriTalk to survey federal managers and employees and produce a report on endpoint security.  The report offers some...


Nov 10, 2015 By Jean-Paul Bergeaux In Blog

How Phishing Sites Use ‘Reverse Proxies’ and Why You Should be Worried About It

Many IT-savvy folks are too careful to get caught by phishing emails, but most also believe that even if they do get caught, they would never fall for a phishing site.  Paying close attention to the details will protect them. Not so fast. The cyber-criminal and cyber-espionage groups have gone high tech and are now using Application Delivery...


Oct 27, 2015 By Jean-Paul Bergeaux In Blog

Insights from Black Hat and DEFCON 2015: Rethinking Honeypots: Early warning can deliver real business value

For years, research and academic deployments of honeypots have drawn large crowds with excited onlookers interested to hear what was discovered about bad actors with a vast honeypot deployment.  The problem is that these academic learning exercises are difficult to translate into business and operational value.  It is just too expensive and...


Oct 21, 2015 By Jean-Paul Bergeaux In Blog

Solving the Data Retention Problems of Security Analytics and Forensics

Anyone who was able to attend or even observe from afar this year’s attendance-smashing RSA Conference can tell you that some great new technologies are being introduced to take advantage of data collected by security products. In particular, these technologies can leverage log data to greatly improve the ability of security personnel to find...


Oct 20, 2015 By Jean-Paul Bergeaux In

Insights from Black Hat and DEFCON 2015: Agencies beware of hypervisor exploitation in public clouds

(See update on 10/20/2015 below, no longer a theory!) Multiple presentations at both Black Hat 2015 and DEFCON23 examined hypervisor vulnerabilities, as well as the firmware and hardware vulnerabilities that can give attackers access to either the layer-2 ring (hypervisor ring) or other VMs’ memory and CPU stream.  Altogether, the lesson...


Oct 07, 2015 By Jean-Paul Bergeaux In Blog

Storage for Cybersecurity Collection Requires Back-to-Basics Focus

Do you remember when your phone was just able to make a call and maybe, just maybe, text someone?  You had to hit the number keys multiple times to make letters for texting?   Did you know that you can still buy a phone like that on Amazon for around $20 with no contract?  They are simple and do what a phone used to do, before iPhones and...


Sep 11, 2015 By Jean-Paul Bergeaux In Blog

Insights from Black Hat and DEFCON 2015: Red Teams: “Check Your 6”

“Check your 6.” In the military, this means:  “Look behind you for an attacker.”  Wesley McGrew used this phrase in his DEFCON23 presentation about the danger pen testers are bringing into the environments they are paid to ethically hack.  In short, pen testers are experts on the offensive techniques to infiltrate and find...


Sep 08, 2015 By Jean-Paul Bergeaux In Blog

Insights from Black Hat and DEFCON 2015: Microsoft WMI May Be Hiding Something In Your Environment

It’s been known for a while that Microsoft’s administrative tool WMI (Windows Management Instrumentation) was being used by attackers to penetrate environments.  It has powerful capabilities, just like PowerShell, but it also allows remote execution of commands, so its attractiveness to attackers is no surprise. After Black Hat 2015 and...
