incident response

Ransomware Intelligence Briefing

Media reporting on the WannaCry ransomware campaign has contained exaggeration, bad information, and fear tactics. This Bulletin seeks to provide Secure Ideas partners situational awareness about malware, ransomware, and phishing campaigns in the wild, and to provide a basic plan for businesses. The Secure Ideas Perspective: Coverage of the WannaCry ransomware campaign has …

You Must Be This Tall . . .

Imagine going in to do an incident response at a fairly large customer that has no visibility within their firewalls, no intrusion detection, no sense of inventory, because they had no ability to run even the most basic of vulnerability scans across their network. If I just described something that sounds a little scarily like …

Analyzing Web App Attacks Using ModSecurity at MIRcon 2013

I’m extremely excited to announce that I will be speaking at MIRcon2013 on ModSecurity!  The presentation’s goal is to help systems administrators, incident responders, and security analysts better manage and run an installation of ModSecurity.  Here is the synopsis from the presentation. Any publicly available web server and site is under attack on a regular …

Your Passwords Were Stolen: What’s Your Plan?

If you have been glancing at many news stories this year, you have certainly seen the large number of data breaches that have occurred. Even just today, we are seeing reports that Drupal.org suffered from a breach (https://drupal.org/news/130529SecurityUpdate) that shows unauthorized access to hashed passwords, usernames, and email addresses. Note that this is not a …

Looking for Malicious PHP Files

A while back I had to deal with a compromised web server for some folks. They had some WordPress sites with a vulnerable plugin and found that attackers were putting up malicious web pages for other victims to view. The owners of the sites were understandably upset. The malicious file names didn’t follow much of …

Security Onion @ UTOSC 2012

Shortly before joining Secure Ideas, I spoke on Security Onion and Network Security Monitoring (NSM) at the Utah Open Source Conference 2012. The presentation was aimed at introducing folks to Security Onion and how to get started with it. The demo gods were tempted during the presentation, but I was still able to set up a …
