This session walked through the actions taken by various parties throughout a company during a ‘Live Fire’ data breach incident drill. In this drill, a threat intelligence vendor notified the Company’s Threat Intelligence department, through established communication lines, that customer data was for sale on the Dark Web.
Account Take Over (ATO) has become a large attack vector and many infosec professionals find themselves plunged into this unfamiliar world. One day you are working malware, IDS alerts, and employee misuse, as you always have. Suddenly you are in a world of financial fraud, tracking digital transactions, listening to phone calls and modeling threat actor TTPs. This presentation talks about the problem of ATO, how an organization can prepare itself to deal with the issue, and most importantly, how the underground works. This will include how fraudsters communicate, tools of their trade, and how they monetize and launder their money. A good time will be had by all. No punch or pie will be provided.
An InfoSec/IR veteran passes on valuable lessons, learned over the course of a long and exciting career. The diversity of my work has led to some interesting situations. From universities to defense; financial services to web hosting. Chances are I have seen it and learned something worth passing on about it. I will try to keep the ramblings as coherent as possible, but can’t make any promises on limiting the number of memes.
Some of my observations have compelled me to make this post. The bottom line is that the American media is failing us on COVID-19 coverage because it can’t get past partisanship.
The right-wing media is trying to tell you that it’s all been blown out of proportion and there is nothing to worry about. The left-wing media is fixated on how severely Trump has failed/is failing at his handling of this pandemic. Neither is helpful.
The solution is to arm yourself with as much information as you can and form your own opinions.
I created a bookmark folder called COVID-19 and stuck these links in it. Now I just right-click -> open all in new tabs and read all of the sources.
Tonight I have been playing with my guinea pig OpenBSD server and setting up a standard build for my 'fleet'. In doing this I have landed on a number of strange sites while clicking off topic.
SELinux; The NSA apparently has developed a secure distro of Linux. In theory it sounds nice, but do I trust it to not be backdoored? If I even have to ask, it ain't worth it. 🙂
Trustix; I gave these guys an awful review about a month back when I was going to write my “OpenBSD vs. Trustix” article. Shortly after that they got bought out and became TSR Linux. Now that group filed for bankruptcy protection and was purchased by Comodo… the same doods I have my SSL certificates through. 🙂 It looks like they have some sort of backing from IBM and have a promising looking distro now.
I think I'm too into OpenBSD to turn back now. On that note I just got “Absolute OpenBSD” from Amazon today. Good fooken book! I highly recommend it. Lots of info on PF, how it all works and why it works that way.
My company's new site is getting closer and closer to a launch. It will be a huge weight lifted off my shoulders once it does. Automated billing and signup, support system, kbase, security related news feeds, monitoring and all kinds of other fun stuff.
I babysat my nephew last night and played on his Playstation2 a bunch (Hi Buddy!) while my girlfriend was out purchasing a Gucci purse.
I am working on putting a new dual CPU workstation together for myself. It will have a kicken windowed case and all that other fun stuff. I will give you guys some pics as it's being built.