Ever wondered how you can deliver security awareness training to staff in your organisation that they will love? In this article, we are revealing the techniques we find useful in our training sessions.
Tag: secops

Launching ‘Privacy for Journalists’
Reporters are one of the bastions of democracy, as they could expose the wrongdoings of governments, corporates or well-connected individuals affecting the many.
With the legal protections shrinking and the technical disparity widening, the protection of information sources is more challenging than ever.
Information security experts launch website and community to help investigative journalists protect their information sources.

Command-and-Control Malware Traffic Playbook
Malicious actors operate command-and-control (C&C/C2) servers to interact with their victims’ computers. These C2 servers are intended to instruct the compromised PCs to do undesired things, such as stealing the user’s passwords, encrypting the files for ransom or attacking other computers on the network.

Should SOCs monitor application or infrastructure logs for suspicious events?
We learned from the previous article that SOCs/Incident Response teams should be looking for threats that represent high-level risks to the normal business activities.
We know the who, but how can we define what needs to be protected?
Assume your company has over a thousand business applications. They are hosted in multiple data centres as well as in the cloud. There are Windows and Linux hosts, and many of these are not patched of course. On top of that, nobody knows who owns them.
The following article cuts through this complexity and explains a simple approach.

Risk-Driven Incident Response
Psst! Do you wanna protect your company from security incidents?
But what you have is hundreds of apps, your infrastructure looks like a bowl of spaghetti and the company is short on resources? Don’t worry, it’s doable with careful planning!
This risk-based incident response framework lets you target the most critical things at your organisation. Keep on reading and your incident response team will operate as a powerful sniper rifle, rather than a clunky shotgun.

Writing Incident Response Runbooks
Incident response runbook (aka. playbook, “use case”) is a written guidance for identifying, containing, eradicating and recovering from cyber security incidents.
Check out this practical guide that walks you through the runbook development process for tackling phishing campaigns.