Bypassing Perimeter Security and Malware Evasion (2)

This post is a continuation of Bypassing Perimeter Security and Malware Evasion (1) As discussed before the best way to understand how drived by downloads technique work to bypass modern cyberdefenses is with a network traffic analysis exercise. The get a full understanding of the technique we will have to look for answers to some…

Computer network defense operations, disrupting the enemy’s attack

In the last couple of weeks I have been reading different white papers related to network computer defense and the general idea in all of them is that the industry is moving towards a dynamic approach to computer network defense. In the past, IT would be dealing with the defense of corporate networks however that…

Bypassing Perimeter Security and Malware Evasion (1)

I could have titled this article in many ways such as perimeter disintegration, endpoint security visibility still a problem or even exploit kit. The reality is that all of them are part of a bigger problem and it is how criminals are bypassing the security perimeter and getting inside the networks where organization´s most precious…

Cyber strategy evolution, together we are stronger.

Some days ago I came across an interesting report by KPMG aimed at cyber leaders in organizations combating threats in the cyber space. It is an interesting article especially for those in the managerial field of cybersecurity, it covers different areas of cybersecurity which are currently in evolution to provide better cyber defenses in a constant…

Reporting to management / evidence reconstruction and hypothesis

In this article I am covering the main points proved in the previous article, Network Forensics – Traffic Analysis (2) In order to report to management we will need to create a timeline that can be checked and that is supported by the evidence extracted from the pcap file. I am starting by a timeline…