During a penetration test, we’ve found that a common (and easy) way to gather credentials and gain an initial foothold on the client’s network is to perform a Man-in-the-Middle poisoning attack abusing LLMNR & NBT-NS. Depending on how active users are on the network, this attack can give an adversary valuable information almost immediately. Fortunately, with a little knowledge, this attack can be easily remediated.
What is LLMNR & NBT-NS?
Topics: Cybersecurity, Network Security, Information Security, hacking
RSA 2019 discussed a whirlwind of topics, including everything from up-to-the-second threats to the long-term global implications of General Data Protection Regulation or GDPR, the European Union’s data protection policy. Navigating the various events can be a daunting task, but there were a few talks that stood out as particularly relevant to ProCircular’s clients. In this blog I’ll recap an excellent presentation and Q&A on compliance.
The reason we wear our seat belts is not to avoid getting a ticket from the police, but rather to avoid a potential injury in a car accident. This analogy is an easy way to describe the difference between box-checking security and real security, and it's instantly understood regardless of technical knowledge. This message resonates with executives, because they typically prefer to “get to the point” and correctly protecting their data is “the point” of cybersecurity.
Topics: HIPAA, Information Security, consumer security, Data Security, Data Protection, Vulnerability Assessment, it risk assessment, DFARS, cybersecurity plan, NIST
Presidents' Day is on Monday of next week and this isn’t lost on fraudsters and wire-transfer hackers. Once a wire has mistakenly been sent to the bad guy, each minute counts - the longer the delay the greater the chance they’ve been able to transfer your funds to an account that can’t be reached by the FBI. The added holiday adds an automatic delay that works to their advantage and even the most prepared organizations can fall victim.
Topics: Cybersecurity, Incident Response, FBI, security incident response
“What are the top 7 things you can do to protect your business from hackers?” Have you ever read a list like that on the internet? In the cybersecurity realm, they’re everywhere. I’ve even assembled and presented one of those lists to a group of business owners myself. They tend to point out things like user awareness training, patching and passwords. All noble things to get your arms around, of course, but are they useful to a client? Sometimes I feel as though those lists, as true as they are, are about as useful as telling a football team to “score touchdowns”, or “guard the quarterback.” Yeah, I know that scoring touchdowns is good… but how?
Topics: Cybersecurity, HIPAA, DDOS, it risk assessment, cybersecurity plan, NIST