Raiders of the Lost ARP

Amateur Security Archaeologists, trying not to break things.

Category: Security (Page 7 of 14)

AI-generated photo of a bunch of hackers seemingly posing for a reunion photo.
Conti really wanted to make the 10th reunion, but extradition stood in the way...

What scares you most? How great Threat Pictures are made!

January 22, 2024 /

Most of the posts in the past couple of months have focused on threat modeling tools and use cases. Process-level stuff is interesting, but how do we make sure the inputs are valid? My good friend Mark and I explore that with customers during our Cisco Live interactive breakout, and the things we learn are eye-opening! You can have all the process in the world, but if the inputs are trash, so too will be the outputs. How do we get to the root of it all: What scares you most? We need to ensure we aren’t just wasting our time, right? So how do we paint a great threat picture?

Continue reading
AI Generated image of a weakling adventurer struggling to climb a small wall due to his lack of preparation.
Looks like our hero needs to hit the weight room!

What’s causing Mike’s Indigestion now? Infrastructure Weak! (19 Jan 2024)

January 18, 2024 /

Good morning folks! I had a great time leading a Threat Hunting Workshop at my alma mater, RIT, and meeting some awesome customers, but in my travels I gathered some updates on the threat & vuln side of things that we all should be aware of. And before we get started, I meant to spell “Weak” that way – so let’s get started!:

Continue reading
AI-generated image of a hacker in an aloha shirt trying like crazy to put together a very complex puzzle of all of MITRE ATT&CK's related projects.
MITRE sent me an easy puzzle, but the community blew up the piece count!

Power-up your security: Mapping ATT&CK’s massive ecosystem

January 14, 2024 /

If you are a security professional, MITRE’s ATT&CK is everywhere these days. Even in places it does not belong! That being said, there are a ton of tools, projects, and extensions to ATT&CK. Some are fundamental (like Navigator) while others are niche. How do we tell what is right for us? What projects are essential to power up your security program? For my upcoming Cisco Live presentation in February, I take a crack at mapping ATT&CK’s massive ecosystem to roles and functions. Am I off to a good start? Let’s me share how I tackled this and you can let me know!

Continue reading
AI-generated impage of a little fighter getting the better of a tyrant. These pesky little guys just keep on refusing to quit!
These pesky little guys just keep on refusing to quit!

What’s causing Mike’s Indigestion now? Happy New Fear! (12 Jan 2024)

January 11, 2024 /

Good morning folks! I had a great time in Boston this week hanging out with a cool partner, but in my travels I gathered some updates on the threat side of things that we all should be aware of:

Score one for the good guys!

Cisco Talos and Avast teamed up with Dutch authorities to take down the Babuk Torilla ransomware strain’s key folks, and they have also worked together to provide a decryptor for potential victims.

Continue reading
AI-generated image of a hacker in a hoodie playing an upright bass
Something about that bass-player's groove was just off...

Friend or foe? How killer baselines improve security outcomes

January 8, 2024 /

A month ago, we talked about how visibility can make us more frustrating victims to our adversaries. It makes sense – easy marks are those who don’t see that they are victims in the first place! Take victims of physical (traditional) crime. Burglers love a target who isn’t using alarm systems, cameras, or even their own eyes and ears to actively detect incursions. But having eyes and ears isn’t what makes you formidable. It is that you have those sensory inputs AND you know how to interpret what they are saying and how they respond. Do you know how to discern bad behavior from the norm and know how to tell between friend and foe? And do you know what the right response is based on that proper interpretation? We’re going to tackle the first question here today as we discuss how killer baselines improve security outcomes.

Continue reading
« Older posts Newer posts »

© 2025 Raiders of the Lost ARP

Theme by Anders NorenUp ↑

Verified by MonsterInsights