Unfamiliar territory As a security analyst, engineer, or CISO, there are so many aspects of the field that require immediate attention that one cannot possibly know everything. Some of the common areas of security knowledge include topics such as where to place a firewall, configuration and patch management, physical and logical security, and...

It’s been a little while since we last reviewed a book, but a lot of my team has been spending time with Ghidra this year. Craig Young taught a course on the subject, and I’ve used it with my students at Fanshawe College in their Malware Analysis course. Given our fascination with Ghidra, reviewing The Ghidra Book: The Definitive Guide by Chris...

Life for university students has changed massively during the coronavirus pandemic, as it has for all of us. While some in-person lectures and seminars are still taking place, there has been a big shift to remote learning. This has, perhaps understandably, led to concerns about how well students are engaging with this way of studying. Many...

In this blog series, I will be putting the spotlight on useful Ghidra features that you may have missed. Each post will look at a different feature and show how it helps you save time and be more effective while reverse engineering. Ghidra is an incredibly powerful tool, but much of this power comes from knowing how to use it effectively. What is...

The National Cyber Security Centre (NCSC) released its annual review of 2020. If you are unfamiliar with the NCSC, part of their mission is that they are “dedicated to making the United Kingdom the safest place in the world to live and work online.” This is a lofty goal, and since the first report, issued in 2016, the NCSC remains steadfast in...

Organisations are still underestimating the risks created by insufficiently secured operational technology (OT). One current example comes from Germany. According to a report by heise.de, external security testers consider it “likely” that a successful serious cyberattack against the publicly owned water company Berliner Wasserbetriebe could lead to a...

As an infosec professional, you’ve likely heard of the National Institute of Standards and Technology (NIST). If you are unfamiliar with NIST, it is an organization that produces many publications including the well-respected Special Publication SP 800-53r5 standard, titled “Security and Privacy Controls for Information Systems and Organizations.” ...

U.S. Federal Cybersecurity Today Computer security regulations have come a long way from their early beginnings. Even before the Federal Information Security Management Act (FISMA), there was the Computer Security Act of 1987 (CSA). The Computer Security Act was enacted by the 100th United States Congress in response to a lack of computer security...

The outbreak of COVID-19 has led many businesses to transition a large number of employees to remote work. The shift could end up becoming a long-term trend; it’s expected to continue after the pandemic ends. Therefore, it is more important than ever to develop strategies for managing and responding to risks within your organization. Internal risk...

According to last year’s Gartner forecast, public cloud services are anticipated to grow to $USD 266.4 billion by the end of this year, up from $USD 227.8 billion just a year ago. Clearly, cloud computing is making its way to cloud nine, (See what I did there?) leveraging the sweet fruits of being in the spotlight for a decade. However, the threats to...

Malicious actors are targeting Apple. Although Apple introduced a notarization mechanism to scan and prevent malicious code from running on Apple devices, attackers have found ways to circumvent this process. Such Apple-notarized malware constitutes a threat to macOS users. Let us start by exploring what Apple notarization is. We will then discuss...

So, you're a ransomware gang and you want to ensure that you have caught the attention of your latest corporate victim. You could simply drop your ransom note onto the desktop of infected computers, informing the firm that their files have been encrypted. Too dull? You could lock infected PCs and display a ghoulish skull on a bright red...

Digital attack attempts in industrial environments are on the rise. In February 2020, IBM X-Force reported that it had observed a 2,000% increase in the attempts by threat actors to target Industrial Control Systems (ICS) and Operational Technology (OT) assets between 2018 and 2020. This surge eclipsed the total number of attacks against organizations...

As I had mentioned previously, this year, I’m going back to school. Not to take classes, but to teach a course at my alma mater, Fanshawe College. I did this about a decade ago and thought it was interesting, so I was excited to give it another go. Additionally, after a friend mentioned that their kid wanted to learn Python, I developed an Intro to...

Compliance is very important to any organization. Organizations have many standards to choose from including PCI, CIS, NIST and so on. Oftentimes, there are also multiple regulations that are applicable in any country. So, organizations need to commit some time and resources in order to apply security standards and achieve compliance. Even so,...

Recently, the Securities and Exchange Commission’s exam division issued a Risk Alert (the “Alert”) where it carried out several targeted cybersecurity investigations. The agency is now concerned with how there’s been an increase in a specific type of hack known as “credential stuffing.“ This cyberattack involves using stolen credentials to log into...

One of the major improvements that the avionics industry is undergoing is an Internet of Things (IoT) upgrade. And this is inevitably affecting how airlines approach aircraft safety. From the beginning, safety has been paramount to the aviation industry. But while it is a welcome innovation, the incorporation of IoT devices in aircraft comes with...

Policy compliance within the information security space can be an exhausting concept to wrap our heads around. Writing a policy document, publishing it to staff and then staying hands-on to ensure it is followed in perpetuity is easily seen as an arduous, if not an impossible, task. Policies set the basis for every successful information security...

In the last quarter of 2019, researchers at ClearSky uncovered an attack operation that they dubbed the “Fox Kitten Campaign.” Iranian actors used this offensive to gain persistent access into the networks of dozens of companies operating in Israel and around the world across the IT, telecommunication, oil and gas, aviation, government and security...

You don’t have to search very far in the news to see stories of websites being hacked and customer details being stolen. Stories about incidents involving industrial control systems (ICSes) and operational technology (OT) environments aren’t so common. But they are prevalent. Just the other week, for example, an airline company sent out an email...