Exploit kits can download malicious code and malware on your computer automatically while you are surfing the Internet. In this blog post we will have a closer look at this devious form of attack. What are exploit kits?Exploit kits are tools that cyber criminals use to scan your system for vulnerabilities, exploit the [...]
Network security monitoring (NSM) involves collecting and analyzing data, which in turn give companies the opportunity to detect and respond to intruders in their network. In this way, companies can take action before intruders manage to accomplish their missions, and prevent further damage to the company. Network security monitoring is however not a [...]
Most people have several different apps on their phones, but what do you really say yes to when downloading an app? A lot of apps extract far more information than necessary, track users without good reason, and require disproportionate rights to user content. Why should for example an e-book app have access to [...]
In our previous blog post, we looked at the most important constraints related to computer network defense training. These constrains were mainly related to the criteria difficulty of implementation, cost, risk and realism.Typically, these criteria tend to present themselves with important dilemmas. Which in turn force organizations to prioritize one criterion over others. Or [...]
In an attempt to introduce improvements in current computer network defense analysis training, Encripto has recently released the Blue Team Training Toolkit. Computer network defense analysis is a broad topic and skills can be acquired with different methods. Common training techniques are based on studying network traffic that could be either live or previously [...]
Did you know that frequent password changes actually weaken security? When companies force their employees to change passwords several times a year, it is likely to cause them stress and cognitive overload. To lighten the burden, employees tend to create passwords that follow predictable patterns, change a letter to a similar-looking symbol, add or [...]
On the 16th of July 2016 our security expert, Juan J. Güelfo, attended as speaker at the security conference, SteelCon in Sheffield, England. SteelCon is the North’s Premier Hacker Conference and offers a unique opportunity for participants to develop their hacking skills. The talk given by Juan covered techniques that improve current methods [...]
Blue Team Training Toolkit (BT3) version 1.1 is now released with documentation updates and minor adjustments. We have also made a brand new BT3 video series. Blue Team Training Toolkit is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 [...]
Encripto has released the Blue Team Training Toolkit (BT3). Until the past decade, common threats against computer systems could be stopped by anti-virus software and firewalls. Nowadays, these two countermeasures can be easily bypassed by attackers, and they just offer a basic degree of protection. Moreover, IT personnel are required to have specialized skills [...]
"I see dead people... walking around like regular people". With these words, a very young Haley Joel Osment began to tell Bruce Willis his scary secret in The Sixth Sense. That movie scene is in fact an analogy that some network security analysts may relate to. Concepts like network traffic replay could provide a [...]