Browsed by
Tag: threat hunting

Shadow Brokers Dump And Best Practices

Well, that’s a weird title, right? Now that the dust has settled to some degree, let’s look at a not-so-obvious takeaway from the latest security news that simultaneously set everyone’s hair on fire. The latest Shadow Brokers dump is bad on so many different levels. Let’s not concentrate on the potential levels of government and private industry collusion that our guts told us existed but that we weren’t sure of. Even now, Microsoft is claiming the vulnerabilities were fixed as part of a…

Uncovering Indicators of Compromise

Last updated: 16 October 2016

This is the new version of a paper and script I originally wrote as part of my SANS gold paper for the GCCC certification. The paper re-write was primarily in preparation for my presentation of the topic at the 2016 Nagios World Conference… Unfortunately, the conference was canceled. <sigh> Nonetheless, the paper now covers version 6 of the Critical Security Controls instead of 5.1. The original paper in PDF format can still be retrieved from the SANS…
