Last week, we talked about domestic abuse fuelled by IoT, doing threat intel programs right, blocking ICO fraud, and man-in-the-middle attacks….
Tag: Threat Intel
So you’ve been asked to start a threat intel program
Ever since the Mandiant APT1 report landed like a bomb in private sector security reporting, threat intelligence has been a hot…
Tech support scams: what are other people doing?
We’ve talked a lot about tech support scams over the past few years, typically focused on what we see ourselves, and…
OWASP top ten – Boring security that pays off
There’s a lot of very unique, creative, and devastating cyber threats out there. The first inclination of a defender is to…
Why do I care about someone else’s data breach?
Because as the size of your organization increases, the probability that an individual employee’s company email is in that breach rises…
How do I get my employees to stop clicking on everything?
If you’ve been given responsibility for network security in a non-technical area of the business, there’s one eternal question that has…
Attribution Part II: Don’t overthink it
Last time, we took a look at a few common mistakes that are easy to make when trying to attribute cyber…
Attribution, and when you should care: Part 1
It’s not China. Unless it is. Or maybe it’s a 400 lb hacker in their basement. Unlikely. Who can tell who…
Threat modeling: What are you so afraid of?
When asked “what should we defend against,” a common response by a decision maker is “everything,” operating under the implicit logic…