Live Cyber Attack Lab 🎯 Watch our IR team detect & respond to a rogue insider trying to steal data! Choose a Session

X

Articles by

Andy Green

The Malware Hiding in Your Windows System32 Folder: More Alternate Data Streams and Rundll32

Last time, we saw how sneaky hackers can copy malware into the Alternate Data Stream (ADS) associated with a Windows file. I showed how this can be done with the...

Read More

EU NIS Directive (NISD) Holds Surprises for US Online Companies

Last month, a major data security law went into effect that will impact businesses both in the EU and the US. No, I’m not talking about the General Data Protection...

Read More

The Malware Hiding in Your Windows System32 Folder: Certutil and Alternate Data Streams

We don’t like to think that the core Window binaries on our servers are disguised malware, but it’s not such a strange idea. OS tools such as regsrv32 and mshta...

Read More

What C-Levels Should Know about Data Security, Part I: SEC Gets Tough With Yahoo Fine

The Securities and Exchange Commission (SEC) warned companies back in 2011 that cyber incidents can be costly (lost revenue, litigation, reputational damage), and therefore may need to be reported to investors....

Read More

The Malware Hiding in Your Windows System32 Folder: Mshta, HTA, and Ransomware

The LoL approach to hacking is a lot like the “travel light” philosophy for tourists. Don’t bring anything to your destination that you can’t find or inexpensively purchase once you’re...

Read More

The Malware Hiding in Your Windows System32 Folder: Intro to Regsvr32

In our epic series on Malware-Free Hacking, I wrote about techniques that let you use well-known Microsoft apps and tools to run evil custom scripts. This file-less hack-craft usually involves sneaking...

Read More

[Transcript] Attorney Sara Jodka on the GDPR and HR Data

In reviewing the transcript of my interview with Sara Jodka, I realize again how much great information she freely dispensed. Thanks Sara! The employee-employer relationship under the GDPR is a...

Read More

Adventures in Fileless Malware: Closing Thoughts

I think we can all agree that hackers have a lot of tricks and techniques to sneakily enter your IT infrastructure and remain undetected while they steal the digital goodies....

Read More

[Podcast] Attorney Sara Jodka on the GDPR and HR Data, Part II

In the second part of my interview with Dickinson Wright’s Sara Jodka, we go deeper into some of the consequences of internal employee data. Under the GDPR, companies will likely...

Read More

[Podcast] Attorney Sara Jodka on the GDPR and Employee HR Data, Part I

In this first part of my interview with Dickinson Wright attorney Sara Jodka, we start a discussion of how the EU General Data Protection Regulation (GDPR) treats employee data. Surprisingly,...

Read More
 

Does your cybersecurity start at the heart?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.