By Katherine Teitler 

February 9, 2016

OSINT, or open source intelligence, is information about threats collected from publicly available sources. The CIA defines OSINT as information “drawn from publicly available material, including:

  • The Internet
  • Traditional mass media (e.g., television, radio, newspapers, magazines)
  • Specialized journals, conference proceedings, and think tank studies
  • Photos
  • Geospatial information (e.g., maps and commercial imagery products)”

Given society’s current communication methods, one could almost bullet the last four items under “the Internet.” All viable businesses have robust online presences, and people of all ages and across all geographies and ethnic groups engage in social media. There are no barriers to social media, and this, in and of itself, presents both opportunities and challenges.

Keep reading...

By Katherine Teitler 

February 3, 2016

Security professionals spend a lot of time thinking about protecting their back end systems and the information contained therein. They think about the scariest and sneakiest vulnerabilities and what an exploit means in real terms: will this disrupt business operations? Will our company lose sensitive data? What are the potential financial consequences? Will I be fired?

What a lot of security teams don’t spend much time considering, however, are the vulnerabilities in plain sight, the ones that can be enacted by a moderately skilled hacker who found explicit instructions posted on Pastebin from another hacker about a similar vulnerability. While we’re not yet winning the war, security teams are getting better at finding and detecting the Big Ones. Some of the most subtle but more easily avoided vulnerabilities shouldn’t be overlooked. Like those that occur through our most public-facing and highly used interface: our websites.

Keep reading...

Kerberos

Kerberos is a network authentication protocol that allows for secure authentication across networks. Created in the 1980s as part of the Athena Project at MIT so that clients and servers could communicate securely in a distributed computing environment, Kerberos is still one of the most frequently used strong authentication methods today.

Keep reading...

Are You Kidding Me? Digital Forensics Tips for Real-World Enterprises

January 27, 2016

Most everyone has some familiarity with digital forensics. After all, we've seen CSI Cyber, right? For the record, that isn't really how it works. For starters, we do not complete investigations in less than sixty minutes. In addition, we aren't that attractive and we prefer to work in well-lit rooms. Regardless, what is true is the significant part digital forensics can play in myriad situations. For today's enterprises, digital forensics is extremely valuable, if not essential, in situations involving intellectual property and trade secret theft, insider threat activities, employee "misbehavior," intrusions, and system compromises. Without an extensive forensic analysis, you are likely blind to these essential details. The technologies analyzed in these investigations can involve laptops, desktops, servers, network equipment, and GPS devices, and we can no longer discard the value of mobile devices, even when they are employee- (perpetrator-) owned.

Keep reading...

Authentication

Authentication, as it pertains to computer networking, is the process by which a user's identity is verified by a system. Authentication differs from authorization in that it matches user credentials to a designated user but does not, in and of itself, grant or deny permission to systems, applications, files, etc.

Keep reading...

By Katherine Teitler 

January 25, 2016

Penetration tests are a critical part of running a secure organization. Understanding system weaknesses from both an internal and external point of view can save a lot of headaches, not to mention data theft, financial loss, legal nightmares, and brand damage. The benefits of internal penetration testers vs. external, third-party testers can be argued: Internal testers are full-time, permanent employees of the company whose job it is to perform simulated attacks against corporate systems and find the vulnerabilities. 

Keep reading...

When you think of security metrics, what's the first thing that pops into your mind? OK, after you yawn, what's the first thing? While security metrics themselves may not exude excitement, what if your metrics quickly revealed just the type of information you need that leads to a decision or action that helps solve a business problem? That would be exciting!

Keep reading...

Identity & Access Management

Identity and access management is both a process and a set of technologies that allow IT departments to manage user data and privileges on IT systems, applications, and across device types. In any business—large or small—employees, partners, providers, and customers need access to systems and data to perform their job responsibilities. With access to data, especially proprietary or sensitive data, comes risk. Identity and access management, sometimes referred to as “IAM” or “IDAM,” is the way for systems administrators to ensure that users have appropriate access: those who need access to specific data and information get it quickly, and those who do not are not permitted access.

Keep reading...

By Katherine Teitler 

January 19, 2016

For as long as I can remember, I’ve heard that “users are the weakest link in the chain,” or even worse, “you can’t stop stupid.” This long-held view is not terribly productive to advancing information security, and it certainly doesn’t endear the security professional to the general public. Sure, humans are susceptible to things machines aren’t, and yes, it is human nature to trust. So when an email is delivered to a busy person’s inbox and appears to be sent from one’s boss, most people are going to click on it. And while security awareness programs do help, they won’t eliminate phishing attacks, especially as attackers’ methods become wilier and more true-to-life.

Keep reading...

"Major Retailer Breached!"

"Hospital System Loses 3 Million Patient Records!"

These attention-grabbing headlines are no longer an anomaly. Hardly a week passes when news of a cyber attack or breach doesn't hit the mainstream media. While security was once thought to be the domain of a company's IT staff, organizations are now realizing that security is everyone's business, and IT auditors, in particular, are impacted in ways like never before. Hacker threats, evolving technologies, and staff shortages require IT auditors to address the enterprise's increasing IT risks and acquire new skills and procedures.

Keep reading...

By Katherine Teitler 

January 15, 2016

In a profession that’s designed around problem identification, it’s no wonder security professionals are often labeled “contrarians” or “trouble makers.” From the outside in, it looks like security’s job is to find problems even when operations are seemingly gliding along smoothly. Security pros are trained to slog through logs and find anomalies. They test for areas of compromise even if an incident hasn’t been identified. Security makes the entire organization change network passwords for no reason, every 60-90 days! 

Keep reading...

How do you secure that which you don't control? This is the big question for every enterprise, since no organization exists in a vacuum. From third-party commercial software (including operating systems) to open source, custom-written applications, SaaS providers to systems integrators, hardware suppliers, and business partners, there are plenty of attack vectors that cause concern. Larger enterprises can work with tens of thousands of third-party suppliers, all with varying levels of interest in and controls around security; smaller organizations may have trouble even discovering all the partners in their supply chain.

Keep reading...

Cyber Fraud

According to OWASP, the Open Web Application Security Project, online fraud is described as, “the use of deception by an individual or group of individuals using an online medium with the intention of obtaining an advantage for himself or herself or for a third party or parties, avoiding an obligation, or causing loss to another party.”[1]

Since the mid-1990s, businesses of all sizes and across geographies have taken advantage of the opportunity to increase their reach and thus their revenue. The ever-growing increase in online transactions, though, has also opened up opportunities for criminals to commit cyber crime.

Keep reading...

Virus

A computer virus is a malware, or malicious software, program. What makes viruses unique is that they replicate themselves by inserting copies into programs, files, or the boot sector of a computer’s hard drive. Once a virus takes hold, the computer is said to be “infected,” and the virus can access, change, steal, or delete data, affect the operation of the computer, spread to other computers, sap memory, or “crash” the computer, among other payloads (malicious activity).

Viruses can move from computer to computer without users’ knowledge, but for the virus to spread, it requires some user action, like clicking on an infected link, visiting an infected website, or opening an infected attachment.

Keep reading...

As a young man, I was given some advice that seemed too obvious to really be considered advice. It went something along the lines of, "If a person keeps a checkbook that's not accurate or up to date, don't hire them as your accountant..." As DevOps rises in popularity, I am reminded of this adage often.

Keep reading...

Incident Response Planning

Incident response is the process of reacting to a real or potential data breach or theft. Incident response can be viewed as a set of specific and detailed policies and procedures that are planned in advance, practiced, and deployable when a security incident occurs.

Keep reading...

The Tor Network

The Tor Network is a way for Internet users to browse the Web anonymously and keep communications from prying eyes. In light of recent events, even the average citizen knows that search engines and standard Web browsers track users' every Web-based movement in order to monetize traffic, and that three-letter government agencies are privy—should they decide—to what are assumed private communications. The Tor Network allows users to navigate the Internet while protecting their own privacy.

Keep reading...

The problem

Would you ride on a space shuttle mission if you knew that the scientists and engineers who planned the mission and built the spacecraft couldn't agree on the definitions for mass, weight, and velocity? Probably not. Unfortunately, if you ask six information security professionals to provide their definitions for fundamental terms like "risk," "incident," and "threat" you're almost certain to get inconsistent answers. Likewise, if you ask security professionals to identify their organization's top "risks" you will invariably receive a list that includes concerns which, although important, aren't risks.

Keep reading...
