Moran Cerf – Moth GrandSLAM winning story
Category: Computers
Incident Response Tabletop Idea
This is a scenario based incident response tabletop that I worked on with a colleague. I wanted to share with the world, as I have had immense success with this. It amazes me how a simple dice roll, really draws people in to the event. It sounds silly, but the sense of chance adds so Read More …
ESM – Exposure Surface Management
Exposure Surface Management (ESM) aims to proactively identify, assess, and mitigate vulnerabilities across an organization’s digital assets, including those external to the traditional IT infrastructure, to reduce the risk of cyberattacks. Here’s a breakdown of what ESM looks like: Comprehensive Asset Inventory: ESM starts with a thorough inventory of all assets, both internal and external, Read More …
Conference Video – Deep Web – what to do and what not to do
Presented at the Cysinfo 9th Quarterly Meetup on 19th November 2016 at Bangalore Presentation Link
Malware TV – Automatically Extracting Obfuscated Strings from Malware
The FireEye Labs Obfuscated String Solver (FLOSS) is an open-source tool that automatically detects, extracts, and decodes obfuscated strings in Windows Portable Executable (PE) files. Malware analysts, forensic investigators, and incident responders can use FLOSS to quickly extract sensitive strings to identify indicators of compromise (IOCs). Malware authors encode strings in their programs to hide Read More …
Notes – Use Templates And Keep It DRY
To “Use Templates And Keep It DRY” means to leverage templates or reusable structures and to avoid code duplication by implementing a principle of abstraction that promotes code efficiency and maintainability. Here’s a breakdown of the concept: Templates: These are reusable structures, such as code snippets, document layouts, or organizational frameworks that can be used as Read More …
How Tech Billionaires Plan to Destroy America
A look into how the tech leaders may be using the new administration to achieve their own agenda. Looking specifically at Peter Thiel, Elon Musk, Marc Andreessen, Ben Horowitz, Brian Armstrong, and David Sacks as well as their relationship with figures like JD Vance, Balaji Srinivasan, and Curtis Yarvin. There is a focused discussion on Read More …
ASM – Attack Surface Management
Attack Surface Management (ASM) focuses on identifying, monitoring, and mitigating potential vulnerabilities and risks across an organization’s entire digital footprint, including both known and unknown assets, to reduce the potential attack surface. Here’s a more detailed explanation: Continuous Process: ASM is not a one-time task, but rather a continuous process of discovery, analysis, prioritization, remediation, Read More …
Conference Video – Defending Against Power Shell Attacks
Dutch Power Shell User Group – 3rd Power Shell Saturday 2017-04-08
Hacker TV – What Is An XXE Attack?
XML files can incorporate inline references to other documents. Unsafe treatment of external references allows an attacker to probe your file system for sensitive information – an XML External Entity (XXE) attack.