Category: Documents and Research

Petya and WannaCrypt Ransomware Propagation

Recently, the Internet has been overrun with ransomware – software designed to take advantage of users by encrypting their data and holding the keys for ransom.  In this post, we will use the concepts of access and authorization to assess this malware and better understand why it was so successful.

Prologue – Think Like a Hacker

Think Like a Hacker is designed to take an IT professional with an interest in cybersecurity on a journey through how an attacker thinks about a network, while posing new theoretical models on how to analyze their network through the lens of a targeted attacker. This book is not be your typical security book that focuses

Continue reading

Understanding the Vulnerability in Intel’s Management Technology

Recently, social media and news sources have been thoroughly covering a vulnerability in Intel’s various management technologies. Although there is definitely reason to be concerned, there appears to be a bit of misinformation about the vulnerability, likely either due to sensationalism or lack of research. As such, I felt it beneficial to provide a view

Continue reading

Recovering Active Directory after Targeted Attack Compromise

Over the past few years, I have had the opportunity to assist various organizations in detecting and removing attackers from large enterprises.  Throughout these efforts, I have noticed that remediation of this condition is a difficult and technically challenging task.  As a result, I decided to take this on as a challenge and develop a generalized

Continue reading