HackDig : Dig high-quality web security articles for hackers

Preparing a Client Environment for Threat Management

A key part of making any threat management program successful is ensuring it maps properly to the client’s needs. In the past, this has been challenging for many groups providing threat management to their internal teams. The challenge has largely been in making sure the proposed program and the suite of solutions find and call out the most pressing t
Publish At:2021-01-14 19:59 | Read:136 | Comments:0 | Tags:Threat Hunting Threat Intelligence Security Services Threat

What is STRIDE and How Does It Anticipate Cyberattacks?

STRIDE threat modeling is an important tool in a security expert’s arsenal. Threat modeling provides security teams with a practical framework for dealing with a threat. For example, the STRIDE model offers a proven methodology of next steps. It can suggest what defenses to include, the likely attacker’s profile, likely attack vectors and the as
Publish At:2021-01-11 21:47 | Read:200 | Comments:0 | Tags:Cloud Security Threat Hunting Threat Intelligence threat mod

Why Red Team Testing Rules the Cloud

Red team testing is a key way to help prevent data breaches today. Most cyber defense focuses on spotting openings and fixing general risks in your environment. Red teaming not only reduces risks, but also prevents possible breaches. Methods, such as threat modeling, static analysis and dynamic testing, reduce the attack surface but do not eliminate risk. W
Publish At:2021-01-07 16:23 | Read:171 | Comments:0 | Tags:Security Intelligence & Analytics Security Services Threat H

SolarWinds Backdoor (Sunburst) Incident Response Playbook

Over the last several days, TrustedSec has received queries on the best ways to contain, eradicate, and remediate the SolarWinds backdoor (aka #solarigate aka Sunburst). The TrustedSec Incident Response team has put together a playbook of recommended actions to provide some level of assurance that your organization is no longer affected by the backdoor. T
Publish At:2020-12-17 19:06 | Read:215 | Comments:0 | Tags:Incident Response Incident Response & Forensics Research Sec

How Open Security Can Make Threat Management More Efficient

Security operations center (SOC) teams struggle with an array of challenges. Too many tools can make the work too complex; and recruiting and retaining personnel can be hard amidst a skills shortage. Experts need to focus on using their skills to their fullest. But, an open approach can improve threat management in a way that makes all of these things easie
Publish At:2020-12-10 09:47 | Read:137 | Comments:0 | Tags:Security Services Threat Hunting Security Security Operation

Threat Analysis: How the Rapid Evolution of Reporting Can Change Security

With the advancements in data reporting gleaned from security information and event management (SIEM) tools and adjacent solutions, every security team today can face information overload and paralysis. To gain clarity within this murk, the practice of threat analysis has emerged and continues to evolve with time. With it, security professionals can fi
Publish At:2020-10-29 15:28 | Read:491 | Comments:0 | Tags:Security Intelligence & Analytics Threat Hunting Threat Inte

The Tale of the Lost, but not Forgotten, Undocumented NetSync: Part 2

This is a continuation of The Tale of the Lost, but not Forgotten, Undocumented NetSync (part 1) and in this section, we will look to answer: What are Some Early Indicators to Detect NetSync at the Host-based Level? What are Some Possible Controls to Deter NetSync? In an accompanying blog post, Wes Lambert (@therealwlambert) steps through a packet captu
Publish At:2020-10-27 10:41 | Read:388 | Comments:0 | Tags:Active Directory Security Review Incident Response Incident

The Tale of the Lost, but not Forgotten, Undocumented NetSync: Part 1

They say, “Everything old is new again.” Or, if you are a Game of Thrones fan, “What is dead may never die.” For me, however, a mentor once told me, “Everyone is going forward. I’m going backward.” Enter NetSync… I find Twitter to be a good source for InfoSec tactics, techniques, and procedures (TTPs). An
Publish At:2020-10-27 10:41 | Read:363 | Comments:0 | Tags:Active Directory Security Review Incident Response Incident

Are Bug Bounty Programs Worth It?

Bug bounty programs are on the rise, and participating security researchers earned big bucks as a result. According to a report released by HackerOne in February 2020, hackers had collectively earned approximately $40 million from those programs in 2019. This amount is nearly equal to the bounty totals hackers received for all preceding years combined. In &
Publish At:2020-10-12 10:28 | Read:356 | Comments:0 | Tags:Risk Management Threat Hunting Threat Intelligence Bug Bount

Autonomous Vehicle Security Needs From A Hacker’s Perspective

With connected cars becoming more common, the industry has more standards and options when it comes to autonomous vehicle security. Adam Laurie, known in hacker circles as Major Malfunction, leads X-Force Red’s automotive testing practice. He has seen firsthand how easy it can be to compromise an autonomous vehicle if strong security processes a
Publish At:2020-10-08 08:58 | Read:326 | Comments:0 | Tags:Security Intelligence & Analytics Software & App Vulnerabili

Web Application Security Best Practices: A Developer’s Guide

Digital adoption is only increasing in today’s world. It brings with it the challenges of safeguarding financial and personal data against potential threat actors. Including web application security best practices during application development can patch some of these holes and ensure the applications adhere to security standards and are free of vulne
Publish At:2020-10-05 10:46 | Read:568 | Comments:0 | Tags:Application Security Security Services Threat Hunting threat

Incident Response: 5 Steps to Prevent False Positives

False positive alerts in your threat intel platform can leave your team scrambling. It’s like driving to the wrong address. You reach a place, but also waste time you could have used at your intended destination. For security teams, knowing how to screen for false positives saves time and makes the team more efficient at addressing real threats. Learn
Publish At:2020-09-04 08:13 | Read:525 | Comments:0 | Tags:Threat Hunting Threat Intelligence Threat Research False Pos

SMS Phish – An Incident Walkthrough

Opener The goal of this blog post is to provide an approach to analyzing a text-based phish link. I will primarily focus on the initial steps to properly view the phish site from a non-mobile browser, provide OPSEC setup and browsing analysis recommendations, and conclude with defense measures to protect against such attacks. Analysis Background Whi
Publish At:2020-09-03 14:29 | Read:1117 | Comments:0 | Tags:Incident Response Incident Response & Forensics Threat Hunti

SOC 2.0: A Guide to Building a Strong Security Ops Team

In a security operations center (SOC), your cybersecurity tools are only as good as the people using them and your SOC’s culture. What are the critical SOC roles? What qualities should you look for when hiring for them? And, what should you expect from a cybersecurity career? Learn more about why IBM was selected as a Global and European Leader in Man
Publish At:2020-09-02 17:10 | Read:629 | Comments:0 | Tags:Incident Response Security Intelligence & Analytics Security

Threat Hunting Techniques: A Quick Guide

Threat hunting is an essential part of security operations center services and should be incorporated at an early stage. Threat hunting is the art of finding the unknowns in the environment, going beyond traditional detection technologies, such as security information and event management (SIEM), endpoint detection and response (EDR) and others. There are m
Publish At:2020-08-05 10:35 | Read:473 | Comments:0 | Tags:Threat Hunting Advanced Threat Protection Advanced Threats C