It would be impossible to write about low-hanging fruit without mentioning network shares. I say it because they are usually my favorite path to elevate privileges when I’m performing a penetration test. Among the stuff that I’ve already found on unprotected (I mean, Everyone – Full Control) shares are:
- Source code for critical applications
- Configuration [...]
I’m trying to finish my Master’s dissertation in the next few months. In order to do that I need to test the log analysis methodology I’m proposing. The methodology is targeted to detect insider attacks, so I need to collect logs from internal resources, which include AD domain controllers, internal e-mail systems, file and folder access [...]
After the case of the French bank Société Générale, the insider threat is again a hot subject in the field. It was always one of my main interests and the subject of my Master’s thesis.
This article from Network Computing mentions the need to work together with HR and to put more emphasis on the human problem. [...]
Daily Dilbert today has a good sample of the discussion of security by obscurity. It’s rather obvious that it doesn’t bring much protection when used alone, but some things seem to be useful, like the case on the strip.
As a quick comment, an interesting Information Handling Policy I saw once instructed that sensitive info should [...]
Then read this. The French bank Société Générale lost more than $7 billion (yes, billion!) because of an internal fraud, committed by a single trader. That’s an interesting insider threat case!
I found this piece particularly interesting:
“Axel Pierron, senior analyst at Celent, an international financial research and consulting firm, was stunned that a trader could be [...]
I was planning to talk about one of my favorite resources in my blogroll, Securosis. This post about the insider threat reminded me about it. Look at these remarks from Mr. Mogull and you’ll not only understand this “insider threat” better but also learn about a very good feed to have in your blogroll:
“Once an external [...]