Did Intel Just Get the Axe?

Intel could probably start causing fires with their processors and still be the number one provider of silicon in the world. They are not likely to find themselves filing bankrupcy because a research team has continued to develop an exploit disclosed in January. While the modification for use of processors may reduce chipset features, IntelContinue reading “Did Intel Just Get the Axe?”

Verizon’s 2020 Data Breach Investigation Report

While it comes as no surprise that phishing attempts are going unreported in the Educational Services section of DBIR, the disproportionate amount of credential stuffing attempts indicates that this sector is behind the times on the enforcement of security best practices for AAA policies. An alarming increase in ransomware related malware attacks might be tellingContinue reading “Verizon’s 2020 Data Breach Investigation Report”

Setting the T.R.A.P.

Sometimes it takes a cybersecurity incident for a company to start moving resources into securing information within an organization. Such incidents can be handled with proven incident response methodologies similar to the PICERL model as documented by Patrick Kral. Ultimately, there will be iterations of process improvement that help to shore up the security policiesContinue reading “Setting the T.R.A.P.”

Exposure on the Homefront

The evolution of risk to corporate infrastructure has been augmented by the COVID-19 pandemic over the last week. Previous exposures to low value targets have grown into a risk that should be accounted for as people begin to transition into their homes to work remotely. Pressure applied to Internet Service Providers to fix these vulnerabilitiesContinue reading “Exposure on the Homefront”

Microsoft’s Chromium Shell

Whether it is the start of a powerhouse relationship or the beginning of a feud, it is clear that something isn’t working. While some will say that something was Microsoft’s failed replacement for Internet Explorer, Edge is being updated with a new Google flavor. It is easy to wonder if Microsoft’s move to open-source powershellContinue reading “Microsoft’s Chromium Shell”

Intel ATM Chipset Vulnerability Chain

As a fan of Intel’s, one might find it difficult to remain with the industry leader in processor manufacturing. There have been a series of events leading up to the release of the CacheOut (or L1DES) vulnerability that was disclosed by a research team from the University of Michigan and the University of Adelaide. WhileContinue reading “Intel ATM Chipset Vulnerability Chain”

The Triad of Security

People have used models to create works and demonstrate consistency of creations for a very long time.  The use of model’s within security helps to characterize standards and promote efficiency when dealing with complex technologies such as integrated ownership and classification of data.  As with many tools, finding the model that is suitable for theContinue reading “The Triad of Security”

So you want to learn Powershell

Powershell is a cross-platform functional programming language that is also used for scripting.  It can be used for a wide variety of tasks and the support available for it is very suitable.  You can begin learning it by diving headfirst into the deep end, but you will get more use out of it if youContinue reading “So you want to learn Powershell”

Risky Business

Management of risk for federal compliance is intrinsically linked to the National Institute of Standards and Technology (NIST) Special Publications. Even if you are not mandated to follow these guidelines, they do provide a starting point from which you can find structure for advancing the maturity of your cybersecurity program. These publications take time toContinue reading “Risky Business”