Monday, July 3, 2017

Targeted iPhone Phishing Scams (Trident Zero Day)

Here's the video of an interview I did for News12 regarding iPhone users being targeted for phishing scams related to the Trident zero day. Time to update!

http://longisland.news12.com/story/35241250/cybersecurity-expert-warns-of-scam-targeting-iphone-users

The Rise of Artificial Intelligence in Cyber Security

The rise of behavioral analytics, machine learning, artificial intelligence, or whatever the latest nomenclature is currently being promoted by vendors, has taken the security community by storm and is showing no signs of stopping. It's almost impossible not to see these phrases mentioned on new preventative solutions going to market and rightfully so. With an industry accustomed to relying on static signatures, known bad hashes and singular alerting, this technology is a welcome relief for defenders and we've seen the market capitalize on our desire for it. Here's an article I wrote for SC Magazine regarding how AI became the darling of an industry: https://www.scmagazine.com/how-artificial-intelligence-became-the-darling-of-an-industry/article/666778/

Monday, May 15, 2017

WannaCry - It's Time To Get Back To Basics

I've been asked to comment on the WannaCry Ransomware by a few groups. Here are my thoughts on what happened and what the logical next steps are. You can read the blog post here: http://www.ccsinet.com/blog/wannacry-keep-calm-and-remember-the-basics/
Honestly, this is a wake-up call for the security community to "Get Back to Basics". Plain and simple. 

Friday, May 5, 2017

Defeating Ransomware With A Little Help From Your Friends

We all know this so it doesn't have to be said, but I'm going to say it anyway: Ransomware sucks. For anyone who's suffered at the hand of attackers making money by holding your personal or business data hostage, you know just how much it sucks. The issue doesn't seem to be going away either, but getting exponentially more difficult to deal with as attackers hone techniques and companies continue to deal with limited security resources.

Last month I worked with CCSI to write a whitepaper on behavioral analytics and machine learning and how they can be applied to detect and prevent attackers in your network. On May 11th, CCSI is hosting a webinar to review this whitepaper and how MSSPs can use this technology to assist you with becoming more secure.

The key questions to ask when attempting to defeat ransomware are:

1. Will your current technology detect ransomware in your network?
2. If it does detect it, will it prevent it?
3. How do you respond to these notifications? Especially during off-hours or with a limited staff.

This webinar reviews the role of MSSPs in this space and how they help your organization become more resilient by using this technology to detect/prevent/respond to ransomware in your network 24x7x365.

There is limited space for this webinar so sign up soon: http://www.ccsinet.com/ccsi-webinar-defeat-ransomware/

Tuesday, April 25, 2017

Using Machine Learning and Behavior Analysis to Assist with Threat Detection

Here's a whitepaper I wrote with CCSI describing what machine learning is and how you can use behavior analysis to assist your organization with threat detection. Few things over the past years have changed the way we defend our network like these two. 

Attackers are consistently breaching enterprise networks in attempts to compromise confidential data and the hard truth is they’re not slowing down. Data breaches have almost become commonplace in today’s news and we’ve seen businesses hit with attacks that cost them millions of dollars in lost revenue, fines and consumer trust. The majority of these organizations already had the traditional security commodities in place (e.g. logging, firewall, SIEM) and yet were still breached by dedicated attackers. In today’s attack landscape advanced attackers are able to bypass many of these defenses with persistent and dedicated attacks directed towards the organization’s user base and vulnerabilities within their security architecture. The unfortunate truth when using only traditional security defenses is that the odds are heavily weighted in the attackers’ favor. Adding behavioral analysis and machine learning to a business’s cyber defense brings visibility to threats, which is sorely needed in today’s networks.

Tuesday, March 28, 2017

MegaplanIT Supports PCI SSC North America Community Meeting with Platinum Sponsorship

I've worked with the group over at MegaplanIT for quite some time and have nothing but great things to say about them and their company. Their professionalism, technical ability and business acumen have always impressed me. Which is why when I heard they were sponsoring the PCI SSC North America Community as a Platinum sponsor I wanted to give them the recognition they deserve. Over the years MegaplanIT has grown to become a trusted partner in the security and compliance space and it's great seeing good people succeed. I would highly recommend reaching out to them for any PCI-related services. Below is their new press release - Kudos, guys!




MegaplanIT Supports PCI SSC North America Community Meeting with Platinum Sponsorship

MegaplanIT, LLC, is the Platinum sponsor for the PCI SSC North America Community Meeting being held in Orlando, Florida, in September, 2017.

Scottsdale, Arizona – March 2017

MegaplanIT, LLC, a PCI QSC and premier provider of security and compliance solutions, has announced that it would be participating in the PCI SSC North America Community event this September, as a Platinum sponsor. The event, which takes place September 12-14, in Orlando, Florida, is a principal conference bringing together stakeholders from the payment card industry to participate in discussions on the latest standards, technologies, and strategic initiatives shared by the PCI Council.

“We are excited for the opportunity to partner with the PCI Council as a Platinum sponsor in this year’s PCI SSC North America Community Meeting. By sponsoring the event, we hope to display MegaplanIT’s continued commitment to, and appreciation of, the PCI Council’s hard work and guidance,” says Managing Partner of MegaplanIT, Michael Vitolo. He goes on to share, “with this support of the Council, we’re continually looking to develop strong relationships and work with other organizations to become a trusted partner within the payment card industry, while offering the best services available to our customers.”

By promoting the Platinum sponsorship, MegaplanIT believes that showcasing their brand during this PCI community event demonstrates their level of commitment and dedication to their clients in need of PCI and security related services. 

For further details please contact:

Jerry Abowd
Principal Account Manager
MegaPlanIT, LLC
800-891-1634 ext 105

Thursday, March 23, 2017

10 Must Read Infosec Books

I was recently asked to participate in selecting one information security book to add to a round-up of recommended reading for infosec pros. The round-up includes ten selections from different people and was published by Tripwire here.

There are many great books out there I wanted to recommend, but since I only had one spot on the list I wanted to make it count. My selection, even though it's an older book, was: Extrusion Detection: Security Monitoring for Internal Intrusions by Richard Bejtlich.

The technology in this book might have changed, but the concepts are still the same. In order to defend the confidential data within your network, there needs to be proper extrusion detection in place to detect intruders who have compromised your internal systems and are attempting to siphon sensitive data out of your network. There's been a huge emphasis on preventing threats in the past but we have to gain a mindset on expecting that we're already breached and how to deal with it. This book gives you some serious food for thought on how it can be applied and was eye-opening for me when I read it almost a decade ago.