The post Presentation: RSA USA 2020 – Preventing an Enterprise Win10 Rollout Being Remotely Controlled and Ransomed appeared first on Sense of Security.
]]>Windows 10 is the platform of choice for large scale, corporate controlled, end user OS deployments. Referred to through many names incl Enterprise Roll-Outs, Standard Operating Environments (SOE), Golden Image deployment etc they all relate to the same thing. A standardized deployment that needs to be secured at creation and then managed for the lifetime in operation. Large corps & govt tend to use the same formula. Create an image. Add in some enterprise mgmt features, end point security & full disk encryption. Harden. Test it (maybe). Operate it in the field. Deal with any fall out. These are high cost, time sensitive, task management centric projects. Using an outsourced partner to design, implement & manage the process adds in an element of supply chain risk – making the entire solution susceptible to long term time-in-market attacks. This includes a timeless opportunity for total environment-take-over. It is our experience that organisations are short-changing themselves by doing very limited testing of the system prior to deployment. At best this is limited to a hardening review.
This presentation describes a case-study for why testing is required to address a stream of risks and how this saved a large corporate from deploying an image that was certain to result in 10,000+ machines being remotely controlled by an adversary.
To learn more download our presentation here. For more information call us on 1300 922 933.
The post Presentation: RSA USA 2020 – Preventing an Enterprise Win10 Rollout Being Remotely Controlled and Ransomed appeared first on Sense of Security.
]]>The post Presentation: RSA USA 2020 – What Was Once Old Is New Again: Domain Squatting in 2020 appeared first on Sense of Security.
]]>A common cyber-attack technique is to lure a victim to browse to an attacker controlled website that is hosting malware or the like. One way to lure a victim is to register a DNS domain that resembles that of a major brand, and then either entice the victim to visit the website, for instance via an email message, or to simply wait for the victim to mistype or misspell the major brand’s website address. This registering of a similar DNS domain is commonly referred to as domain squatting. People are encouraged to be suspicious of emails received from unknown senders, but what happens when an email appears to come from a known person or organization, and the emails and its attachments are in line with the expected content. Again, research into similar topics isn’t new. However, by utilizing domain squatting the registering of DNS domains can be extracted by examining email flows, and the email content categorized by applying topic modelling on their contents. This allows for specifically crafted spear-phishing emails that match both the expected email sender and the topics of correspondence, which drastically increases the chances of a successful phish.
In this session, it will be demonstrated how old school domain squatting can be modernized to include OSINT gathering and the delivery of weaponized documents using email messages. The result is scarily accurate corporate relationship and supply chain mappings, as well as re-purposing actual business documents into spear-phishing attacks.
To learn more download our presentation here. For more information call us on 1300 922 933.
The post Presentation: RSA USA 2020 – What Was Once Old Is New Again: Domain Squatting in 2020 appeared first on Sense of Security.
]]>The post Presentation: RMIA National Conference – The Business Case for Dynamic Risk Assessments appeared first on Sense of Security.
]]>Risk Management is a discipline with an extensive heritage. Moving forward we need to adopt assessment methods that are going to give a higher degree of assurance that we are identifying realistic vectors through which the business may be subjected to attack. At Sense of Security (SOS) we call these Dynamic Risk Assessments (DRA). This type of assessment is based on the premise that we are not stifled by prescriptive rules, a spreadsheet listing the methods we must use, or having meetings with any number of stakeholders who may not disclose the true state of affairs for fear of losing credibility or possibly their job.
To learn more download our The Business Case for Dynamic Risk Assessments here. For more information call us on 1300 922 933.
The post Presentation: RMIA National Conference – The Business Case for Dynamic Risk Assessments appeared first on Sense of Security.
]]>The post Presentation: A snapshot into current Web Application vulnerabilities – Lunch N Learn appeared first on Sense of Security.
]]>Our Chief Data Wrangler Willem Mouton presented at our Lunch N Learn event the findings of our State of Web Application Security in Australia report, provided some insight and risk context as to how your organisation compared to others in the market, what the top issues are, and why web application security still needs to be a core focus of security initiatives.
To learn more, download our A snap shot into current Web Application Vulnerabilities Lunch N Learn presentation slides. For more information call us on 1300 922 933.
The post Presentation: A snapshot into current Web Application vulnerabilities – Lunch N Learn appeared first on Sense of Security.
]]>The post Presentation: Meet the Chiefs industry briefings – Cyber Resilience: Understanding Supply Chain Risks appeared first on Sense of Security.
]]>He presented on the topic of Cyber Resilience – Understanding Supply Chain Risks.
The main points addressed were:
To learn more, download our Cyber Resilience: Understanding Supply Chain Risks presentation here. For more information call us on 1300 922 933.
The post Presentation: Meet the Chiefs industry briefings – Cyber Resilience: Understanding Supply Chain Risks appeared first on Sense of Security.
]]>The post Presentation: Lunch N Learn – How to Operate a DDoS Testing Program appeared first on Sense of Security.
]]>Our COO Murray Goldschmidt presented at our Lunch N Learn event on the topic of How to Operate a DDoS Testing Program where he discussed:
To learn more download our presentation slides here. For more information call us on 1300 922 933.
The post Presentation: Lunch N Learn – How to Operate a DDoS Testing Program appeared first on Sense of Security.
]]>The post Presentation: RSA USA 2019 – How to design and operate a DDoS testing program appeared first on Sense of Security.
]]>Despite investment in DDoS mitigation, testing solutions is seldom on the agenda of most vulnerability management programs that focus on vulnerability scanning and pen testing. This presentation delivers an effective approach to validate your defenses against all forms of DDoS including the ability to simulate attacks, measure your response and determine if your operational practices are working.
To learn more download our presentation slides here. For more information call us on 1300 922 933.
The post Presentation: RSA USA 2019 – How to design and operate a DDoS testing program appeared first on Sense of Security.
]]>The post Presentation: RSA USA 2019 – Securely Deploying Micro Services, Containers & Serverless PaaS Web Apps appeared first on Sense of Security.
]]>Containerisation is on the rise and many decision makers are starting to implement it within their organisation. To learn more download our COO Murray Goldschmidt’s presentation from RSA USA 2019 on Securely Deploying Micro Services, Containers & Serverless PaaS Web Apps here. For more information call us on 1300 922 933.
The post Presentation: RSA USA 2019 – Securely Deploying Micro Services, Containers & Serverless PaaS Web Apps appeared first on Sense of Security.
]]>The post Presentation: Making Sense of Office 365 Email (In)Security appeared first on Sense of Security.
]]>Organisations need to understand that Office 365 (O365) is a cloud-based business system used for email, productivity, and collaboration. This platform and its data are a popular breach target for key threat actors who wish to extract data, elevate their privileges, abuse resources, or delete data. There is also an insider risk whereby so called ‘trusted employees’ take steps to exfiltrate/spill or delete sensitive data or obtain persistent access by building in backdoor accounts.
Targeted email attacks such as Business Email Compromise, spear phishing, and ransomware are on the rise. Cybercriminals know employees are the weakest link in an organisation and need only to convince these targets they are someone who should be trusted to achieve success. Attackers always follow the money and choose the easiest routes, and O365 generally meets this criteria.
Email is trusted communication by many. People often trust an email hasn’t been spoofed, or that a sender is who they say they are. If you regularly communicate with a party from a particular email address, why would you suddenly assume it is not legitimate? According to a Osterman Research white paper in April this yr, 44% of organisations were victims of targeted email attacks launched via a compromised account in the last 12 months.
To find out why mail is a good target and O365 Context, the anatomy of a typical O365 hack, what are the indicators of compromise and lastly what are the regulatory impacts and countermeasures check out the presentation our CTO Jason Edelstein conducted on the topic Making Sense of Office 365 Email (In)Security
The post Presentation: Making Sense of Office 365 Email (In)Security appeared first on Sense of Security.
]]>The post Presentation: APIG NSW – Cyber in Focus – Outsourcing IT Services and Managed Services – Are you secure? appeared first on Sense of Security.
]]>The main points that were discussed included:
For more information download our presentation: APIG NSW – Outsourcing IT Services and Managed Services – Are you Secure?
The post Presentation: APIG NSW – Cyber in Focus – Outsourcing IT Services and Managed Services – Are you secure? appeared first on Sense of Security.
]]>