7 log analysis techniques for investigating cyber crimes

In this blog post I will show you how to set up your DFIR (digital forensics and incident response) log analysis rig, how to analyze logs in various programs and how to optimize your process to save time and effort. Your Log analysis rig setup: Linux or Windows? Well, I prefer Windows simply because most tools …

Intelligence operations against technologies we use every day

It is not yet known which of these ‘leaks’ were planted as misinformation and which are real. From their technical details, and trusting the collective intelligence of the global infosec community, it can be concluded that they are legitimate. From the German Spiegel, at http://www.spiegel.de/international/world/nsa-documents-attacks-on-vpn-ssl-tls-ssh-tor-a-1010525.html we can see the following categorized attacks: Attacks against Crypto …

Know your enemy

Knowing your environment (yourself) is half the way. You should know your enemy as well. One way of keeping in touch with what is happening on the Dark Side is keeping updated with information security news. And keeping a list of RSS feeds is no longer relevant – where keeping yourself updated once or twice …

Building your own intelligence of the attackers going after your organization

Here’s a working idea. Set up a set of fake personas supposedly working for your company. Do it with all the social indicators – Facebook, Twitter, LinkedIn profiles, e-mail addresses and active e-mail boxes, presentations containing their names and e-mails, comments – the whole thing. Once ready, set up a set of physical boxes (so …

Your role as the guardian and infosec mentor in your organization

Your role as CISO (or whatever the title is, the infosec officer of your company) in every security project is to ensure a constant, smooth transition to a more secure state, maintaining the usability and effectiveness of all business processes. It is not that of an enforcer or a policeman – but rather that of …