New Vulnerabilities Wednesday 13 October

Monthly Patches are out for Microsoft (Exploit) and Adobe. New Alerts for Aruba, Advantech, Draytek, and Linux. Palo Alto Network Monthly Patches should be out this afternoon. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and indu...

New Vulnerabilities Thursday 06 October

New Alerts for Cisco, Mitsubishi Electric, and Johnson Controls. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts Security Wizardry Cyber Threat I...

New Vulnerabilities Monday 04 October

New Alerts for Microsoft Edge (Exploit), ENDRESS+HAUSER, Lenze, Bosch, NETGEAR, Squid, F5, and Linux. Tomorrow is Mobile Patch Day for three vendors. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.co...

Connecting to the Dark Web

What is the Dark Web? Before you dive into the world of the dark web, it's important to understand what it is and what you might find on it. The dark web is a section of the internet that is not indexed by your 'regular' browsers, nor can it be accessed by generic browsers such as Chrome, Edge or Firefox; instead it requires a browser such as th...

cybercrime begins at home.

My family and I moved home last week and everyone knows what a chaotic and stressful time this can be. There are in fact quite a few cyber threat vectors when moving, and during the move process my conveyancing solicitor's e-mail server was targeted by a threat actor; the goal of this is to persuade would-be buyers and sellers to ...

Solarwinds Hack - 1000 Years Ago

All cyber security practitioners will be familiar with that glazed look in the eye of a non-IT muggle when you start talking in cyber to them. The same happened when I mentioned the SolarWinds hack yesterday, so I used an analogy based on castles in England 1000 years ago. It went like this: "...King Putinski's greed in stealing the siege weap...

It's Christmas (tree scanning)! -sX

Brilliant, it's nearly Christmas and I'm sure everyone is looking forward to a good break and a sigh of relief over the Christmas break. However, there is one festivity that takes place year round (no, it isn't Festivus, for any Seinfeld fans out there): I'm of course talking about Xmas tree scanning. This is a type of port scan whereby your threat ...

Splunk .conf 2020. Some great cyber talks and security reminders.

Last week saw Splunk .conf 2020 take place and instead of a Las Vegas venue it swapped to a virtual event, as with so much as an effect of Covid-19. This was my first Splunk .conf event and for the uninitiated there are a huge variety of talks, in all 230 this year, and obviously the focus for myself and CND colleagues was on cyber security related...

A new version of Nmap has been unleashed.

This week saw the release of Nmap 7.90 although as yet my particular Linux distro repository has yet to be updated (manual installation thus required). For security professionals it's worth reading the full release announcement here (URL), there are some significant changes and impressively the number of OS fingerprints is up to 5,678. If you've st...

"Your Bitcoin or your business!"

Ransomware has become one of the most widely reported cyber threats in recent times. It has affected countless individuals worldwide as well as organisations of all sizes across a diverse range of industries and sectors. For those new to the term, ransomware typically involves the introduction of malware onto a system that locks (encrypts) files and...

BASH dear friend I’ve got a new mate, I’ll see you around.

Ask most Linux users or administrators what their favourite shell is, and you will probably be met by a brief pause and a bemused look: what else is there other than BASH (URL) or the Bourne Again Shell? Well, it depends on the *nix distro that you're using and what is installed by default, but for many of my contemporaries starting a new script wi...

Your password is listed online...

Most of our readers will be familiar with security researcher Troy Hunt's password breach project 'haveibeenpwned'; a simple explanation is that it hosts a database of password breaches which can be searched for exposure. If your company or organisation has suffered from a hacking incident then there's a reasonable chance that any credentials or ha...

PHP Deathmatch: Korean Angel vs. the botnets

So, each week I've been writing a tech blog article on some of the trends we see in machine data to one of our monitored web assets. One of the automated searches we have running is long URIs, in this case as a POST to the server, and below you can see the output of this: Firstly, the raw data needs to be run through a decoder before we can see what...

Post Breach Crisis Communications

I don't think I'm alone as a business owner when I worry about the possibility of being breached. There must be many more like me who over the years have detected something which suggests that the worst has actually happened. Fortunately, "touch wood", these incidents are few and far between and they have all been false pos...

Cyber Essentials: Essentially, it’s just basic cyber security

Unless you've been fortunate enough to have been living on a desert island these past few years, then there is a pretty good chance you will have heard of the Cyber Essentials scheme. Cyber Essentials was launched back in 2014 by the National Cyber Security Centre (part of GCHQ) as a UK Government backed initiative aimed at improving the basic leve...

You may be a hacker, but no need to be rude!

Do you remember learning a foreign language at school as a teenager, when the first thing that you wanted to do was learn all the rude words? The reverse dictionary would be passed around and sure enough you'd find a list of profanities. Well, it seems that is what our latest user-agent hacker has been up to. The four entries that I have from our logs...

There’s trouble in Hong Kong…

Further to last week's blog posting on user-agents, we are examining some of the malicious attempts seen crafted against a non-critical web-asset that our SOC monitors. Looking through our machine data using the dashboards that we have developed, in this instance using Splunk, we are able to rapidly identify anomalies with low effort. We n...

VIDEO - Military Leavers Entering Cyber - Part 2

Our cyber security recruitment team in conjunction with our own veterans, have put together a short video about which military leavers taking a civilian cyber security role Recruitment CND are also the UK's oldest independent cyber security recruitment agency, specialising in global security recruitment since 2004. We work with both contract a...

2 + 2 = Rogue FBI most wanted

At CND our SOC analysts are inquisitive by nature; digging a little bit deeper and the further exploration of a lead in data is what we like to do. It's a bit like a prospector looking for that tiny fleck of gold that reveals a giant nugget; the detail is what matters and exploring it often leads you to threats you didn't even realis...

Cyber Security Policies - Lack of Leavers Policy Destroys Business

Insider Threat: If you are anything like me you will find the creation and maintenance of security policies a little tedious, though I cannot stress the importance of them enough. A UK case was recently reported by North Yorkshire Police, which could have been prevented on many levels through effective cyber security controls. Danielle Bulley ...


© Computer Network Defence Limited 2021