Raiders of the Lost ARP

Amateur Security Archaeologists, trying not to break things.

Tag: Security (Page 7 of 11)

AI-generated image of a hacker in a hoodie playing an upright bass
Something about that bass-player's groove was just off...

Friend or foe? How killer baselines improve security outcomes

January 8, 2024 /

A month ago, we talked about how visibility can make us more frustrating victims to our adversaries. It makes sense – easy marks are those who don’t see that they are victims in the first place! Take victims of physical (traditional) crime. Burglers love a target who isn’t using alarm systems, cameras, or even their own eyes and ears to actively detect incursions. But having eyes and ears isn’t what makes you formidable. It is that you have those sensory inputs AND you know how to interpret what they are saying and how they respond. Do you know how to discern bad behavior from the norm and know how to tell between friend and foe? And do you know what the right response is based on that proper interpretation? We’re going to tackle the first question here today as we discuss how killer baselines improve security outcomes.

Continue reading
Mid-Journey AI generated image of Santa Claus hacking by the Christmas Tree.
No Cookies for me? I'll just hook your browser and get my own.

What’s causing Mike’s Indigestion now? I’ll be Pwn for the Christmas! (22 Dec 2023)

December 22, 2023 /

Good day folks! I’m prepping for my holiday shutdown here at Cisco, but before I do, I have a threat update including some interesting developments on vulnerability hoarding that would make the Grinch cringe. But first:

Continue reading
image depicting digital-themed snowflakes, each uniquely designed to represent different web applications, as they gently fall to the ground in a serene winter landscape.
Which of these snowflakes is my electric company's customer service portal? Because I have some feedback!

Describing a Snowflake: How to describe Web Applications

December 21, 2023 /

I have this nasty habit of committing to teach things. Things I probably have no business teaching, but I find that lighting the fire motivates me to learn quickly. Earlier this week, I had an opportunity to share some of what I learned about how to describe web applications from a security standpoint. I had gone through this learning process sometime before, but with all of the craze around cloud, native and different XaaS offerings, I thought it would be a great time to refresh my knowledge and then pass a little bit of that on. My end goal was to teach security minded folks what makes a web application different than other parts of an attack surface. Whoops!

Continue reading
AI generated image of a adventurer who is very upset at having to trudge through a blizzard in Russia.
Probably a bad idea to make the auditor file reports from the DC cold aisle...

What’s causing Mike’s Indigestion now? Cozy Bear Blizzards! (15 Dec 2023)

December 14, 2023 /

Good morning folks! I have some updates on the threat side of things that we all should be aware of:

In our first update, Russian SVR-backed pests known as APT29, CozyBear, NOBELIUM or the MS name of “Midnight Blizzard” are following the lead of North Korean adversaries. They’re exploiting a really bad JetBrains TeamCity vuln (CVE-2023-42793/9.8 CVSS) to manipulate source code, sign certs, and push updates. TeamCity is a CI/CD tool that helps run DevOps, sort of like Travis CI, Jenkins, CircleCI, and more. So it has the potential to be like SolarWinds issues a couple of years ago. Now appears they have patiently used it to get into more of the supply chain and gain as-of-yet dormant footholds. They are even using Dropbox to help mask their C2 – Yikes!

Continue reading
AI generated art of a valiant defender holding off a massive adversary at the gates.
Not for nothing, but you aren't sneaking up on anyone with that bright, clanking armor!

How visibility makes you the most frustrating victim

December 10, 2023 /

Who hasn’t hear this one: “the attacker only need to be right once, and they are a success”. Indeed, the corollary is said just as often: “you only need to be wrong once and you’re screwed!” All of that makes you feel a little helpless, right? Helpless folks give up – and good luck getting them to deal with the myriad of issues that are inherent to securing their environments! We’re going to see how we can turn the tables here, and the first step is to see how visibility makes you a most frustrating victim for adversaries!

Continue reading
« Older posts Newer posts »

© 2025 Raiders of the Lost ARP

Theme by Anders NorenUp ↑

Verified by MonsterInsights