Posted on 2020-12-30 by Josiah Smith
Social engineering is a common, low-tech approach where a threat actor impersonates someone else to obtain sensitive information or persuade the target to comply with some other type of request. It has been described as “hacker-speak” for tricking a person into disclosing authentication information, executing malicious code, or opening a door. A classic example of social engineering is the promise of funds from the prince of Nigeria, and the practice has matured into malicious documents with coercive DocuSign lures or spoofed invoice scams that change the routing information for payments.
Posted on 2020-12-16 by Steve Esling
While two malware samples might appear completely different to a human evaluator, those same samples, stripped of their identities and reduced to a vectorized representation of their most important qualities, might be found by a machine to have been twins all along. Insights like this are the goal of "clustering," a machine learning technique based on finding the similarities and differences across and between a massive number of data points. What follows is an overview of one of those techniques, K-means.
Posted on 2020-11-24 by Isabelle Quinn
To validate an e-mail security stack's capability in blocking current real-world threats harvested from the wild, InQuest gathers unique malware daily and validates the common cloud e-mail providers (GSuite, O365). Collectively (stacked on top of one another), the providers' default security stacks are capable of detecting between 85% and 95% of these novel attacks. The samples capable of bypassing these stacks are candidates for the InQuest Email Security Assessment.
Posted on 2020-11-23 by Chris Crowley and Josiah Smith
The SOC-Class is a niche course on cybersecurity operations, training CISOs, SOC Managers, and technical leads to build and excel in Cybersecurity Operations Centers (SOCs/CSOCs). This use case development methodology is one of the approaches discussed in the course and is intended to provide a framework for mature and repeatable construction of engineered detections.
Posted on 2020-10-26 by Josiah Smith
Cybersecurity Awareness Month was launched in 2004 as a broad effort to help all Americans stay safer and more secure online. Over the years, the program's themes have changed with technology and matured into a widespread initiative. This blog admires the efforts of the security industry and governmental organizations aspiring to create change and keep cyberspace safe. Read through a bit of history, steps to create a program, and a maturity model framework.