Splunk .conf 2020. Some great cyber talks and security reminders.

Last week saw Splunk .conf 2020 take place; instead of a Las Vegas venue it switched to a virtual event, as with so much else as an effect of Covid-19. This was my first Splunk .conf event, and for the uninitiated there is a huge variety of talks, 230 in all this year, and obviously the focus for myself and CND colleagues was on cyber security related...

A new version of Nmap has been unleashed.

This week saw the release of Nmap 7.90, although my particular Linux distro repository has yet to be updated (manual installation thus required). For security professionals it's worth reading the full release announcement here (URL); there are some significant changes and, impressively, the number of OS fingerprints is up to 5,678. If you've st...

BASH dear friend I’ve got a new mate, I’ll see you around.

Ask most Linux users or administrators what their favourite shell is, and you will probably be met by a brief pause and a bemused look: what else is there other than BASH (URL), the Bourne Again Shell? Well, it depends on the *nix distro that you're using and what is installed by default, but for many of my contemporaries starting a new script wi...

Your password is listed online...

Most of our readers will be familiar with security researcher Troy Hunt's password breach project 'haveibeenpwned'. A simple explanation is that it hosts a database of password breaches which can be searched for exposure. If your company or organisation has suffered from a hacking incident then there's a reasonable chance that any credentials or ha...

PHP Deathmatch: Korean Angel vs. the botnets

So, each week I've been writing a tech blog article on some of the trends we see in machine data to one of our monitored web assets. One of the automated searches we have running is for long URIs, in this case as a POST to the server, and below you can see the output of this. Firstly, the raw data needs to be run through a decoder before we can see what...

You may be a hacker, but no need to be rude!

Do you remember learning a foreign language at school as a teenager, when the first thing that you wanted to do was learn all the rude words? The reverse dictionary would be passed around and sure enough you'd find a list of profanities. Well, it seems that is what our latest user-agent hacker has been up to. The four entries that I have from our logs...

There’s trouble in Hong Kong…

Further to last week's blog posting on user-agents, we are examining some of the malicious attempts seen crafted against a non-critical web asset that our SOC monitors. Looking through our machine data using the dashboards that we have developed, in this instance using Splunk, we are able to rapidly identify anomalies with low effort. We n...

2 + 2 = Rogue FBI most wanted

At CND our SOC analysts are inquisitive by nature; digging a little bit deeper and the further exploration of a lead in data is what we like to do. It's a bit like a prospector looking for that tiny fleck of gold that reveals a giant nugget; the detail is what matters and exploring it often leads you to threats you didn't even realis...

Pwny Treck To Own Your IoT

One of the great things about working in cyber security, and specifically at CND, is that we are constantly required (and encouraged) to keep our knowledge and skillset relevant to combat emerging threats and trends in order to best serve our clients. We all have our favourite news feeds or podcasts; on Wednesday 17th June our Radar Page reported ...


© Computer Network Defence Limited 2020