Becoming a cyber knight: learn!

become a cyber knight

Constant improvement is what your adversaries master at. Even though you might go for a new certificate from time to time – this is not the improvement I am talking about. Webinars are not improvement. Good, old-school reading and putting what you learned into practice is going to make you a master of your craft. … Read more

Risks of working from home for law firms

What are the risks using pirated software in your company

☠ Remote work has increased cybersecurity incidents by 25% and the majority of them are caused by pirated software or software downloaded by people from shady locations. I’ll give you an example: Previously while in the corporate network, people were (hopefully) prevented from downloading programs/binaries, instead, the IT department was doing that for them. Now, … Read more

Protect your law firm from hacking attacks

vulnerability management consulting program

Commercial law firms are one of the most lucrative and information-rich targets a hacker could have and most of them have never had a CISO nor used CISO as a Service to protect them. They are the object of attack by foreign governments (when the details of a deal are of interest to one or … Read more

Phishing the way you never looked at it

law firm phishing

What is phishing? A fake web page, collecting credit card details from gullible users? Or a badly written e-mail asking you for your banking username and password? Or is it someone asking you to fill a survey, where some of the questions quietly ask you for your corporate username and password? Is it the act … Read more

7 log analysis techniques for investigating cyber crimes

highlighter user1

In this blog post I will show you how to set up your DFIR (digital forensics and incident response) log analysis rig, how to analyze logs in various programs and how to optimize your process to save time and effort. Your Log analysis rig setup: Linux or Windows? Well, I prefer Windows simply because most tools … Read more

Prepare for WAR and the new realities

cyberwar law firms

On Cyber War War is destruction and loss of lives. The term became powerless and meaningless with so much marketing hype from every vendor, blogger and their uncle’s dog. Throughout this book you will often read the term and such associated with it – just remember that things are really serious and if something bad … Read more

APT or APA and can APDs counter their attacks?

APT. Oh, how I love this term. It became the fashion among security vendors so much that they started including it in every single page of their marketing materials. Every single vendor out there will come to a sales meeting saying their appliance magically defends against “APTs”. Do they even know what that means? I … Read more

Survey the security posture of your company

Knowing the strengths and weaknesses in the defenses of your organization is crucial to its survival. There is a solid reason for quoting Sun Tzu when it comes to knowing yourself. The actual quote is: “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you … Read more

Know your enemy

Knowing your environment (yourself) is half the way. You should know your enemy as well. One way of keeping in touch with what is happening on the Dark Side is keeping updated with information security news. And keeping a list of RSS feeds is no longer relevant – where keeping yourself updated once or twice … Read more