Offensive Cyber Counterintelligence (white paper)

Interesting white paper. I would not have called it Offensive Cyber Counterintelligence, as it mainly conveys the idea of creating intelligence from the adversary. Nowadays there are disciplines such as Cyber Threat Intelligence for this sort of intelligence. I understand Cyber Counterintelligence as a branch of intelligence which is concerned with keeping information out of…

Incident analysis methodologies

In the past I researched analysis methodologies in order to ascertain if the incidents flagged up by the security systems were true positives; however, I could not find much about it. I was looking for a set of processes or steps that I could repeat over time and that lead me to a conclusion…

Bypassing Perimeter Security and Malware Evasion (2)

This post is a continuation of Bypassing Perimeter Security and Malware Evasion (1). As discussed before, the best way to understand how the drive-by download technique works to bypass modern cyberdefenses is with a network traffic analysis exercise. To get a full understanding of the technique we will have to look for answers to some…

Computer network defense operations, disrupting the enemy’s attack

In the last couple of weeks I have been reading different white papers related to computer network defense, and the general idea in all of them is that the industry is moving towards a dynamic approach to computer network defense. In the past, IT would be dealing with the defense of corporate networks; however, that…

Bypassing Perimeter Security and Malware Evasion (1)

I could have titled this article in many ways, such as perimeter disintegration, endpoint security visibility still a problem, or even exploit kit. The reality is that all of them are part of a bigger problem, and that is how criminals are bypassing the security perimeter and getting inside the networks where an organization's most precious…