Sep 11, 2015 By Jean-Paul Bergeaux In Blog

Insights from Black Hat and DEFCON 2015: Red Teams: “Check Your 6”

“Check your 6.” In the military, this means:  “Look behind you for an attacker.”  Wesley McGrew used this phrase in his DEFCON23 presentation about the danger pen testers are bringing into the environments they are paid to ethically hack.  In short, pen testers are experts on the offensive techniques to infiltrate and find...

Read More

Sep 08, 2015 By Jean-Paul Bergeaux In Blog

Insights from Black Hat and DEFCON 2015: Microsoft WMI May Be Hiding Something In Your Environment

It’s been known for a while the Microsoft’s administrative tool WMI (Windows Management Instrumentation) was being used by attackers to penetrate environments.  It has powerful capabilities, just like PowerShell, but it also allows remote execution of commands, so its attractiveness to attackers is no surprise. After Black Hat 2015 and...

Read More

Sep 01, 2015 By Jean-Paul Bergeaux In Blog

Insights from Black Hat and DEFCON 2015: Active Directory vulnerabilities pose risks

Although it didn’t make a big news splash, one of the best presentations at both Black Hat and DEFCON provided a comprehensive summary of all vulnerabilities, configuration issues, and best security practices for enterprises using Microsoft Active Directory. This was the first presentation at these conferences by Sean Metcalf, who is more...

Read More

Aug 19, 2015 By Brian Reynolds In Blog

Bombshell! Cyber breaches more widespread than reported

A bombshell is defined as “an overwhelming surprise or disappointment.” For example, you open the paper one day and read that your next-door neighbor is an escaped serial killer. That’s a bombshell. A well-known politician is charged with bigamy. That’s a bombshell. On several occasions over the last several years, high-profile cyber...

Read More

Aug 12, 2015 By Jean-Paul Bergeaux In Blog

BlackHat and DEFCON Highlight Dangers Ahead

In my sprint through five days of sessions, demonstrations, presentations and conversations at this year’s DEFCON and BlackHat conferences, I noted several compelling security challenges that cannot be ignored by those in the defensive security field. I summarize some of the issues and problems below. I intend to explore them more fully in...

Read More

Aug 04, 2015 By Jean-Paul Bergeaux In Blog

DEF CON Promises a Secure Network for Attendees. Should I Trust It? (Hint: I’ll be using Airplane mode)

I have been to several cyber security conferences over the last few years and was always astounded that they even offered free WiFi, as if it were a joke.  Why would I connect to anyone’s WiFi among a collection of security people, especially considering it’s not hard for any random person to get close enough to either hack through the...

Read More

Jul 29, 2015 By Jean-Paul Bergeaux In Blog

Android Vulnerability Highlights Two Basic Security Principles

When addressing mobile security, enterprise security teams typically focus on defending the internal organization from attack, both because mobile devices have access to applications and data and because mobile devices can introduce vulnerabilities aimed at exfiltrating data.  Yes, many MDM and mobile AV products defend the device itself, but...

Read More

Jul 07, 2015 By Brian Reynolds In Blog

Simple, Proven and Secure Cloud Backup

In a world where plucking low hanging fruit for cost savings is king,  cloud and backup go hand-in-hand.  It feels like a safe place to start when not touching production services or data sets and when dealing with the recurring costs and maintenance required for on-premise data protection solutions. It feels safe, that is, until you start...

Read More

Jun 18, 2015 By Sean Gilbert In Blog

Improving Security Through Network Virtualization

NOTE from Jean-Paul: In recent blogs, I have highlighted the importance of simplifying and automating the security environment as a way to cut costs and strengthen security. SwishData has identified VMware’s NSX platform as a valuable tool for achieving these goals, and so I asked VMware’s Sean Gilbert to describe for us how NSX can enhance...

Read More

Jun 11, 2015 By Andrey Zhuk In Blog

Part 2: Solving the Honeypot Dilemma: Countering: Dormant Threats Inside Your Agency’s Networks

In my last blog, we talked about the dilemma of using honeypots. On the one hand, honeypots can be a great way to catch the bad guys; on the other hand, they can be costly and, if the attackers are clever enough honeypots can actually be used against the agency. Here at SwishData, we constantly look for vendors with new and innovative...

Read More