
Are we all Linking In?
Cybersecurity or Information Security (InfoSec) equates to the continuous analysis and reduction of negative risk associated with using the internet for communication and a plethora of tasks.
Cyber Awareness is a team effort.
All companies, from the top down and back up again, should be instilling the culture of continuous learning. Cyber Security and Information Security should be a topic of discussion each day. Ask what you can do to help improve your security posture and to reduce the risk.
– Have you considered Network Segmentation?
– Do you have a Next Generation Firewall in place?
– Have you tested how secure your Wireless Networks are?
– Would you consider switching off the Wi-Fi and using a network cable instead?
Want to analyze or research the potential Cyber Kill Chain or at least gain some insight into what malware might be up to or what might happen when a suspicious link is clicked, but you are not looking to handle the suspicious or malicious files or URLs yourself?
ANY.RUN Public Submission Reports.
Use the file hash for an exact match, or use a tag (e.g. “emmenhtal”) to search for similar files and URLs, to find the same or a similar suspicious URL or file that has already been submitted. This allows you to perform some level of analysis without handling the file or URL yourself. It can also help you familiarize yourself with the other tactics and techniques used during the different attack stages or phases. One can also gather a list of the files and file types, domains, and living-off-the-land binaries that are utilized during the attack.
If all of the doors are left wide open and the threats cannot be picked up anyway, then a losing battle is being fought.
Would you still require an Anti-Virus (AV) even if you knew exactly how the malware got there in the first place?
AVs rely heavily on a database of known, previously reported malware and the associated malware signatures. This gives them the ability to detect only known malware. They are in a sense rather limited and blinded by what they don’t know, which reduces their detection capability.
According to Statcounter, on upgrading from Windows 10 to Windows 11, South Africa (42%) is a little behind the UK (49%), which in turn is quite a bit higher than the world as a whole (37%).
With no further security updates being made publicly available for Windows 10 from mid-October this year, according to Microsoft, it will be interesting to see what happens.
Want to find certain events in a collection of event logs?
To start, you need search criteria. Take what you know to find what you want to know, then take that and use it to find more of what you want to know. Continue this process until you have compiled as many of the characteristics of what you are looking for as you can find. Try to exclude what you are not looking for, but be very specific, making sure that you are not removing the results you still want.
Remember that some of the log records you are looking for might not contain fields that other records you are looking for do have. For example, filtering on a certain field could automatically exclude records that don’t contain that field. Use graphs or visualizations to view spikes and to correlate events, amongst other things. Make notes, take screenshots, save and label them for reference.
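The search process described above, as an added example that is not part of the original post: it pivots from one known value to related events, then shows how an exclusion on a field can silently drop a wanted record that lacks that field. The event records, field names and function names are constructed assumptions for illustration.

```python
# Constructed sample events. Field names are assumptions; note that
# some records lack "process" or "dest_ip" entirely.
EVENTS = [
    {"id": 1, "host": "ws-01", "process": "powershell.exe", "dest_ip": "203.0.113.7"},
    {"id": 2, "host": "ws-01", "process": "mshta.exe"},
    {"id": 3, "host": "ws-02", "dest_ip": "203.0.113.7"},
    {"id": 4, "host": "ws-03", "process": "chrome.exe", "dest_ip": "198.51.100.20"},
    {"id": 5, "host": "ws-02", "process": "backup.exe", "dest_ip": "192.0.2.10"},
]

def matches(event, known):
    """True if any field of the event holds a value already known for it."""
    return any(event.get(field) in values for field, values in known.items())

def pivot(events, seed, pivot_fields):
    """Start from known values, collect matching events, learn new values
    from them, and repeat until a pass finds nothing new."""
    known = {field: set(values) for field, values in seed.items()}
    hits = {}
    found_new = True
    while found_new:
        found_new = False
        for event in events:
            if event["id"] in hits or not matches(event, known):
                continue
            hits[event["id"]] = event
            found_new = True
            for field in pivot_fields:
                if field in event:
                    known.setdefault(field, set()).add(event[field])
    return [hits[i] for i in sorted(hits)], known

def exclude_naive(events, field, value):
    """Mimics a 'field != value' filter that silently drops records lacking the field."""
    return [e for e in events if field in e and e[field] != value]

def exclude_keep_missing(events, field, value):
    """Drops only records where the field is present and equals the value."""
    return [e for e in events if e.get(field) != value]

def ids(events):
    return [e["id"] for e in events]

if __name__ == "__main__":
    found, known = pivot(EVENTS, {"dest_ip": {"203.0.113.7"}}, ("host",))
    print("pivot hits:", ids(found), "hosts learned:", sorted(known["host"]))
    print("naive exclusion:", ids(exclude_naive(found, "process", "backup.exe")))
    print("missing-aware exclusion:", ids(exclude_keep_missing(found, "process", "backup.exe")))
```

Event 3 contains the known destination address but has no process field, so the naive exclusion of the backup job removes it along with the noise.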
Did you know that Information Security (InfoSec) starts with a well-defined and comprehensive InfoSec Policy?
How much does that cost? Nothing but a bit of time, research and documentation.
Remember that the three main objectives of InfoSec are:
– Confidentiality
– Integrity
– Availability
