Optiv Blog

Recovering From a Credential Breach, Part 2

By Peter Gregory

Probably the most important step to take when a user suspects that his or her user account has been compromised is to notify the organization’s IT service desk. End users should notify the IT service desk right away in the event of the loss or theft of a laptop computer, tablet or smartphone.

PCI Compliance Every Day – Requirement 7

By Jeff Hall, Scott Chimner

This post focuses on PCI DSS requirement seven: restricting access to cardholder data and in-scope system components based on the “need to know” and/or the principle of “least privilege.” “Need to know” as defined in the PCI DSS is “when access rights are granted to only the least amount of data and privileges needed to perform a job.”

Recovering From a Credential Breach, Part 1

By Peter Gregory

A few years ago while on a business trip, I was out to dinner and left my luggage in my rental car (I had not yet checked in to my hotel). When I finished dinner and went back to my rental car, I found it had been broken into and my luggage was gone. My keyring with keys to my house, car and other places was in my luggage.

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 20

By Joshua Platz

Test the overall strength of an organization’s defenses (the technology, the process and the people) by simulating the objectives and actions of an attacker.

DEF CON is Here: A Reminder to Manage and Remediate Security Vulnerabilities of Your Third Parties

By James Robinson

Every year I like to take a look at the talks at Black Hat and DEFCON to see if there are areas of risk I need to review. This year, like others, has focused on different hacking and defensive techniques. It also included a theme on cloud components as well as IoT, and new vulnerabilities within both. If your organization develops these products, you have the ability to talk with the development teams and review the devices for the vulnerabilities.

Control Maturity vs. Control Risk: A Client Discussion

By Peter Gregory

A client for whom I serve as CISO advisor posed an interesting question to me last week, “What if we measure and report on control maturity instead of risk?” A productive and interesting discussion on the topic ensued over the next forty-five minutes. I had never before received this question, so I had to literally think on my feet.

Indicators of Compromise (IOCs) are Not Intelligence

By Ken Dunham

When discussing the topic of cyber threat intelligence, I frequently hear questions about Indicators of Compromise (IOCs). IOCs are not intelligence but are important data points within the intelligence process. Meta-data is a better way to think about how to connect the dots between assets, threats, threat agents, counter-measures and other variables that factor into cyber threat intelligence.

Update: Intelligence Advisory – Petya Outbreak

By gTIC

This is an update to the Intelligence Advisory: Petya Ransomware Outbreak - released June 27, 2017. Optiv’s Global Threat Intelligence Center (gTIC) received several sources pertaining to the newly created Petya ransomware strain. This new strain is being referenced as GoldenEye, Petyawrapper, NotPetya, SortaPetya, and Petna.

Petya / Petna / NotPetya Ransomware Recommendations from the Trenches

By Nick Hyatt

Here we go again. Not long ago I updated a blog post containing actionable recommendations to protect your environment from ransomware threats, including WannaCry. In the wake of yesterday’s Petya attack, I thought it would be prudent to update that blog again and reinforce concepts discussed therein.

Intelligence Advisory – New Petya Ransomware Outbreak

By gTIC

Optiv’s Global Threat Intelligence Center (gTIC) received reports from several sources concerning a recent modification to the Petya ransomware strain. This new strain is being referenced as ‘GoldenEye’. The modification has been identified as the SMB exploitation leveraged by WannaCry, the so-called EternalBlue exploit.
