Network attacks and exploitation: a framework

There is no other book like this one, indeed I would say this is the only book I have read of this nature. It has been written and edited by Matthew Monte and Dave Aitel two experts in the field. The main focus of the book is Computer Network Exploitation (CNE) from a strategic point…

How They Rule the World: The 22 Secret Strategies of Global Power

This a short review of a geostrategy book written by Pedro Baños, Pedro is a colonel of the Spanish Army and a specialist in geostrategy, defense, security, and jihadist terrorism and he held different positions during his career from Lieutenant to Head of Counterintelligence and Security for Europe in Strasbourg. I initially got interested in this…

Free cyber intelligence courses from Augusta university

By chance, a few days ago I came across three free courses from the University of Augusta. These courses have been recognized by the NSA’s cybersecurity curriculum program. http://jagwire.augusta.edu/prestigious-nsa-recognition-for-augusta-university-cyber-security-instruction/ The courses are the following: The Global Cyber Threat Environment Cyber Conflict Strategic Cybersecurity I have not had time to go through all the courses however…

Cyber Intelligence Tradecraft Report by Carnegie Mellon University

A few days ago through my network of contacts, I came to find this fantastic report about Cyber Intelligence tradecraft and its evolution in the United States. This report is absolutely mind-blowing with its 176 pages of research on the evolution, challenges and best practices in the evolving field of Cyber Intelligence. The recommended audience…

Active Cyber Defence: deception and attacker control (2)

Let’s assume that until now, we have been applying active cyber defence in our environment. We are consuming intelligence, creating intelligence and working in tandem with our security operations teams to outmaneuver the adversary. We have also adopted the cyber kill chain model and other models to integrate intelligence within operations. Also, we are updating…

Active Cyber Defence: The need for an active cyber defence model (1)

It’s been some time since the first honeypots were developed and the concept of deception contemplated as a potential mechanism to detect, slow down and counter-attack the opponent. We are looking at 15 to 20 years of attempts to embrace cyber deception, almost in parallel in the same amount of time the threat has evolved…