Defense

Can Cyber Deception be used as a force for…

Scams, Disinformation & Supply Chain Compromise

Now this might come to a shock to some of you but I’m not actually (as my LinkedIn profile currently says) Tony Stark! I know, shocking but it’s true. Why I’m experimenting with this will hopefully be apparent after reading this post (although this isn’t an explanation specifically). What I’m looking at is how deception is used from a range of perspectives from marketing, cybercrime and how we can use deception in a positive way, to actively defend ourselves from the cyber criminals! Read more “Can Cyber Deception be used as a force for good?”

Defense

Cloud Security – 26 Foundational Security Practises and Capabilities…

That is quite the catchy title don’t you agree? Ok so that needs some work and when we think about cloud security, we need to realise that Computing as a Service isn’t a silver bullet.

One Cloud to Rule them all and in the darkness bind them

Ok so the cloud was promised as the saviour of IT and Cyber security but the promise vs the reality. Well, let’s be frank, they don’t really match up. But have no fear – secure cloud design is here (omg cringe)! Ok now we have that out of my system let’s look at some basic cloud security considerations to make when thinking about cloud services.

Checklist

Ok so the world doesn’t work with a checklist however, if you are like me you will want to use lists and aides to jog the little grey cells into action. Let’s think about cloud services and security: Read more “Cloud Security – 26 Foundational Security Practises and Capabilities Checklist”

Defense

Defending against authentication attacks

Ok so my most popular blog on pwndefend is about using Hydra… so I guess that’s all the goodies using it for good things, right? Probably not but it does help people understand the weaknesses of single factor authentication systems without supplementary controls.

So, let’s look at authentication defences, but let’s do this from an attacker perspective! (The opposite of what helps an attacker usually helps defend). Crazy madness right, let’s get to it!

Foundations of Sand

Ok so authentication is a key security control in computer systems. To understand the challenge around authentication and think it’s all a technical problem is to error.

See most modern computer systems require at least two things to authenticate:

  • A Username
  • A Password

Read more “Defending against authentication attacks”

Defense

Cyber Security Tips – Keeping your digital self, safe!

Not even most of my digital life is in the enterprise security space, whilst this is great if you have access to technology budgets, security specialists and modern business class solutions, this doesn’t really fit into the general populations landscape of technology. I thought I’d take a high-level exploration of what digital security looks for people who aren’t security nerds! This is a bit of an experiment for me as it’s a journey into a world where although some things apply to me (obviously I’m human), some of this from a thinking/blogging point of view aren’t my comfort space. So, let’s see what a world outside of being a nerd look like!

Commons Risks

I’m thinking the risk landscape is still broad however when we think about risks, I reckon a general view model may look at some of the following scenarios:

  • Fraud/Scams
  • Sextortion
  • Phishing
  • Social Media Account Takeover
  • Device Theft
  • Device Loss
  • Equipment Failure/Data Loss
  • Threat from known individuals with physical access
  • Human Error

Read more “Cyber Security Tips – Keeping your digital self, safe!”

Guides

Cyber Security Design Review

Purpose

To conduct a solution review we need to consider multiple perspectives. Cyber security can be described as (from the NCSC):

“Cyber security’s core function is to protect the devices we all use (smartphones, laptops, tablets and computers), and the services we access – both online and at work – from theft or damage. It’s also about preventing unauthorised access to the vast amounts of personal information we store on these devices, and online.”

Cyber Security is concerned with risks, threats, vulnerabilities, and controls. This really means the breadth and depth of cyber security is vastly wide and terribly deep. Read more “Cyber Security Design Review”

Defense

Risk management is easy! Isn’t it?

Information security theory and practises use a commonly understood and simple range of tools, methods, and practises to help organisations understand their risk portfolio and to enable them to make both strategic and tactical investment decisions….

Ok someone pinch me. this simply isn’t the reality I see on the ground. The theory is vast, complex and there are a multitude of good/best/insert phrase frameworks and tools that you can leverage to map, model, and communicate risks, vulnerabilities, controls, threats etc.

I’m not going to do a detailed analysis and comparison of different models here, but I am going to at least give people a view of some of the tools and frameworks that you can and may likely experience in the cyber security world. Read more “Risk management is easy! Isn’t it?”

Leadership

Cyber Security Architecture

I remember (now it was a long time ago) when I worked in a support role and my dream job was being a technical architect, back in the warm and fuzzy days of no host-based firewalls, IPsec being something only MCPs knew about other than the networking team and when cybercrime was a shadow of how it is today.

It wasn’t until I had a few more notches under my belt when I realised that architecture in technology has different viewpoints, not only that but even the industry can’t agree on what things are or are not. That aside the reality is, is that architecture has different domains, specialisms, views, and viewpoints. I often find myself working across a whole range of areas, that is driven largely by specific customer requirements and scenarios (this is why I have a cool lab and lots of kit!)

When we consider a business technology system it has risk and by nature cyber security in that view. To think of this not being the case would be odd because ultimately “business” is the highest abstraction, and let’s think about what makes up a business: Read more “Cyber Security Architecture”

Defense

Exposed VMWARE vCenter Servers around the world (CVE-2021-22005)

There’s a new CVE in town but don’t think it’s the only problem you get when you expose administrative interfaces to the wild west of the internet (yeeha or something). Let’s go on a quick exploration of what the world looks like with the help of our friends at Shodan and then let’s see the ramblings of Dan when looking at how benign enumeration and exploration of services can work. Let’s get started looking at the world, a quick face analysis on Shodan with vmware as a product shows a hit or two, what we are going to focus on is vCenter but you know.. you might want to review your attack surfaces so any exposed services (damn people expose some risky stuff!) Read more “Exposed VMWARE vCenter Servers around the world (CVE-2021-22005)”

Defense

CAF Workbook

Undertsanding the current state of cyber capability maturity across an organisation is no simple feat. The team at NCSC have created a really good set of guidance with CAF. With all things there’s different ways on consuming, understanding and leveraging good practises.

I often find have XLS workbooks incredibly valuable when looking at indicators of good practise inside organisations. With this in mind, I started to put the GAF indicators into a workbook. This isn’t complete yet. It needs refactoring so it can be pivoted etc. It also needs some parts added for metadata capture and analysis.

I’m publishing this because sitting collecting virtual dust is probably the least valuable thing that can occur.

Hopefully this is helpful to people, even in it’s current half baked state. I’ll and complete this at some point!

Read more “CAF Workbook”
Copyright (c) Xservus Limited