Splunk .conf 2020. Some great cyber talks and security reminders.

Last week saw Splunk .conf 2020 take place and, instead of a Las Vegas venue, it swapped to a virtual event, like so much else as a result of Covid-19. This was my first Splunk .conf event and for the uninitiated there is a huge variety of talks, in all 230 this year, and obviously the focus for myself and CND colleagues was on cyber security related...

A new version of Nmap has been unleashed.

This week saw the release of Nmap 7.90 although as yet my particular Linux distro repository has yet to be updated (manual installation thus required). For security professionals it's worth reading the full release announcement here (URL), there are some significant changes and impressively the number of OS fingerprints is up to 5,678. If you've st...

"Your Bitcoin or your business!"

Ransomware has become one of the most widely reported cyber threats in recent time. It has affected countless individuals worldwide as well as organisations of all sizes across a diverse range of industries and sectors. For those new to the term, ransomware typically involves the introduction of malware onto a system that locks (encrypts) files and...

BASH dear friend I’ve got a new mate, I’ll see you around.

Ask most Linux users or administrators what their favourite shell is, and you will probably be met by a brief pause and a bemused look, what else is there other than BASH (URL) or the Bourne Again Shell? Well, it depends on the *nix distro that you're using and what is installed by default, but for many of my contemporaries starting a new script wi...

Your password is listed online...

Most of our readers will be familiar with security researcher Troy Hunt's password breach project 'haveibeenpwned', a simple explanation is that it hosts a database of password breaches which can be searched for exposure. If your company or organisation has suffered from a hacking incident then there's a reasonable chance that any credentials or ha...

PHP Deathmatch: Korean Angel vs. the botnets

So, each week I've been writing a tech blog article on some of the trends we see in machine data to one of our monitored web assets. One of the automated searches we have running is for long URIs, in this case as a POST to the server, and below you can see the output of this: Firstly, the raw data needs to be run through a decoder before we can see what...

Post Breach Crisis Communications

I don't think I'm alone as a business owner when I worry about the possibility of being breached. There must be many more like me who over the years have detected something which suggests that the worst has actually happened.  Fortunately, "touch wood" these incidents are few and far between and they have all been false pos...

Cyber Essentials: Essentially, it’s just basic cyber security

Unless you've been fortunate enough to have been living on a desert island these past few years, then there is a pretty good chance you will have heard of the Cyber Essentials scheme. Cyber Essentials was launched back in 2014 by the National Cyber Security Centre (part of GCHQ) as a UK Government backed initiative aimed at improving the basic leve...

You may be a hacker, but no need to be rude!

Do you remember learning a foreign language at school as a teenager and the first thing that you wanted to do was learn all the rude words, the reverse dictionary would be passed around and sure enough you'd find a list of profanities. Well it seems that is what our latest user-agent hacker has been up to. The four entries that I have from our logs...

There’s trouble in Hong Kong…

Further to last week's blog posting on user-agents, we are examining some of the malicious attempts seen crafted against a non-critical web-asset that our SOC monitors. Looking through our machine data using the dashboards that we have developed in this instance using Splunk, we are able to rapidly identify anomalies with low effort. We n...

VIDEO - Military Leavers Entering Cyber - Part 2

Our cyber security recruitment team in conjunction with our own veterans, have put together a short video about which military leavers taking a civilian cyber security role Recruitment CND are also the UK's oldest independent cyber security recruitment agency, specialising in global security recruitment since 2004. We work with both contract a...

2 + 2 = Rogue FBI most wanted

At CND our SOC analysts are inquisitive by nature; digging a little bit deeper and the further exploration of a lead in data is what we like to do. It's a bit like a prospector looking for that tiny fleck of gold that reveals a giant nugget; the detail is what matters and exploring it often leads you to threats you didn't even realis...

Cyber Security Policies - Lack of Leavers Policy Destroys Business

Insider Threat  If you are anything like me you will find the creation and maintenance of security policies a little tedious, though I cannot stress the importance of them enough. A UK case was recently reported by North Yorkshire Police, which could have been prevented on many levels through effective cyber security controls. Danielle Bulley ...

Pwny Treck To Own Your IoT

 One of the great things about working in cyber security and specifically CND is that we are constantly required (and encouraged) to keep our knowledge and skillset relevant to combat emerging threats and trends in order to best serve our clients. We all have our favourite news feeds or podcasts, on Wednesday 17th June our Radar Page reported ...

Phishing Trends of the Week #2 - Tales From Our Ethical Phisherman

This week has produced some interesting phishing campaigns and some new tactics with the attackers creating some new and innovative methods to bait users and make their campaigns look more legitimate. We work tirelessly to discover the latest techniques used for phishing in order to brief our clients and create realistic phishing campaigns to ...

Phishing Trends of the Week #1 - Tales From Our Ethical Phisherman

You've heard a great deal about ethical hackers, who emulate the Tactics Techniques and Procedures (TTP) of a hacker to test your defences. Well, I'm an ethical phisherman, I use the same TTP as an attacker to lure your staff into taking my bait and then instead of exploiting them, they receive education, whilst you receive statistics on how many s...

Tales From Our Ethical Phisherman

You've heard a great deal about ethical hackers, who emulate the Tactics Techniques and Procedures (TTP) of a hacker to test your defences. Well, I'm an ethical phisherman, I use the same TTP as an attacker to lure your staff into taking my bait and then instead of exploiting them, they receive education, whilst you receive statistics on how m...

CND Phishing Assessment Radio Advert

We have commissioned a new radio advert for the launch of our new Managed Phishing Assessment Service, please let us know what you think and why not visit our Phishing Assessment page https://www.cndltd.com/services/assess/phishing-assessment

How to Pre-Pend a Warning to Office 365 Emails

We've helped several clients reduce the number of successful phishing email attacks.  As part of our Managed Phishing Assessment Service we send realistic but benign phishing emails and the responses have been shocking. One client had 32% of their staff fall for our email.  In order to help identify phishing emails we pre-pend the subject...


© Computer Network Defence Limited 2020