Showing posts from: Information Security

June 24, 2017

A Simple Method to Exfil Data over HTTPS to a WordPress Back-end

In today’s enterprise, insider threats can be tricky to detect and can easily fly under the radar for months or even years. Oftentimes, these insiders use simple tactics to steal information from an organization. The primary reason is that most insiders have been granted authorized access to sensitive data or areas of the corporate network. This access is granted in order to permit the individual to perform specific job duties or fulfill a contractual obligation. But when an individual makes the decision to use this access in ways other than envisioned – abusing privileges with malicious intent towards the organization – that individual becomes an insider threat (Lord, 2017). One of the simplest ways for an insider threat to exfil data is through 3rd party email or storage sites, but in most cases these are blocked in enterprise environments. Another way to exfil data out of an organization is by simply uploading files to a webserver. Below is a simple method for exfiltrating data over HTTPS to a WordPress back-end.


January 26, 2017

Reducing an Organization's Email Attack Surface

In today’s cyberspace, the threat landscape is evolving on a daily basis. There are many ways to reduce your company’s attack surface. A simple way to reduce a company’s email attack surface is by blocking incoming file types. Email attachments frequently contain malicious content that is delivered to an organization’s end users. These inbound attachments can contain numerous types of malicious files (ransomware, ZIP attachments with SCR scripts, .exe, macros, VBScripts, etc.).

To block incoming file types, see the methods and policies outlined below.
