DecryptedTech

Wednesday06 July 2022

Displaying items by tag: Risk Management

Researchers have identified Trickbot in use in campaigns targeting several financial institutions. These groups along with a few tech companies thrown in a predominantly in the US and appear to be using an evolved version of the malware to get in and avoid detection by legacy anti-malware (signature based). It is usually part of a targeted spearphishing campaign where poisoned office documents are either contain links to malicious websites or can contain HTA code to execute a PowerShell command to download the second stage of the malware.

Published in Security Talk
Thursday, 13 January 2022 13:05

Secure Infrastructure in the distributed workplace

There was a time when the thought of secure infrastructure would bring items like properly configured IDS/IPS, Firewalls, Switches and Routers with hefty ACLs and 802.1x to mind. However, after Covid and even a bit before the traditional walled layout of the business network design was starting to become outdated. Remote workers and BYOD meant that not everyone could shelter safely inside the castle walls (not that they were safe before). Now IT and Security teams now had a much bigger area to observe and protect. The task becomes harder; much, much harder, but not impossible. The tools change and how you deploy, monitor, and update these tools also change. Let’s look at how to expand the concept of secure infrastructure into the modern distributed workforce.

Published in Security Talk
Thursday, 13 January 2022 05:09

All-in Vulnerability and Risk Management

It is a common belief that vulnerability management is nothing more than scanning and patching. However, as we have seen in many breaches and attacks, this is far from true. Vulnerability management is about understanding your organization and the risks it faces. Risks that an organization faces can include insider threats, public exposure, data leakage, improper configurations or safeguards, data integrity models, and quite a bit more. It is not enough to simply scan with a specific flavor of vulnerability scanner, it is a much larger effort and requires buy-in from every team and person in an organization.

Published in Security Talk