NetFlow Ninjas Blog
POSTED BY Brandon Tansey on 09.25.2014
On Wednesday afternoon, the details behind CVE-2014-6271 were published to the OSS-Sec mailing list. Shortly after that, the bug that is now being called “Shellshock” took off. Troy Hunt put together another write-up worth reading (the comments have some good information as well), but in short:...
POSTED BY Tom Cross on 09.17.2014
One of the concerns that has been raised about the Heartbleed vulnerability is that it was introduced into the OpenSSL code base several years ago, and it’s possible that some attackers were aware of it and launching attacks before it was publicly disclosed this week. Unfortunately, the attack,...
POSTED BY Angela Frechette Cannon on 09.09.2014
This week, Lancope is sponsoring and exhibiting at HP’s annual security user conference, HP Protect. HP relies on Lancope’s StealthWatch System to provide its network security team with a cost-effective, yet powerful way to monitor and analyze network traffic.
POSTED BY Tom Cross on 09.05.2014
In the last several installments of this blog post series, we spent some time talking about 1) the different types of insider threats, 2) how to combat each one, and 3) how network logs can play a vital role in thwarting all of the various insider threat actors. Below is a Top 10 List recapping...
CATEGORIES: 
POSTED BY Tom Cross on 08.21.2014
In Part 2 of this blog series, we discussed various security tools that can be used to detect and subvert the different classes of insider threats. While each type of insider threat requires different security measures, one technique that can help tremendously across the board is the monitoring of...
POSTED BY Kevin Wilson on 08.18.2014
I’m back this week and moving swiftly up the Kill Chain. In my previous post , I detailed what an advanced attacker would do during the reconnaissance phase of the Security Kill Chain. As I continue, there are a few points I want to make: This is not an actual attack. I’m working purely in...
POSTED BY Tom Cross on 08.05.2014
Last year Edward Snowden revealed that the NSA is collecting the telephony metadata of millions of Americans. This revelation has sparked a debate about the power of metadata. Supporters of the program have attempted to reassure the public that their privacy is not being violated because the...
POSTED BY Tom Cross on 08.04.2014
Part 1 of this blog post series explained the various types of insider threats lurking on enterprise networks. Due to their variant characteristics, each type requires a separate set of security controls. In this post we outline the different defensive measures that can be put into place to address...
POSTED BY Tom Cross on 07.28.2014
In a recent survey conducted by Lancope , the insider threat was a major concern for respondents, with 40 percent citing it as a top risk to their organization. Recent news events such as the WikiLeaks disclosures have also brought the insider threat into focus. But what do people really mean when...
POSTED BY Kevin Wilson on 07.24.2014
Today I’m going to be speaking from the point of view of an attacker. But not just any attacker. I’m looking through the eyes of what our industry has deemed an Advanced Persistent Threat (APT). This is the beginning of a series of posts that will discuss what I will do as I move through the Kill...

Pages