Disrupting the Kill Chain

The cyber kill chain describes the typical workflow, including techniques, tactics, and procedures (TTPs), used by attackers to infiltrate an organization’s networks and systems. The Microsoft Global Incident Response and Recovery (GIRR) Team and Enterprise Threat Detection Service, Microsoft’s managed cyber threat detection service, identify and respond to thousands of targeted attacks per year. …

Use Security Education and Awareness Programs to Your Advantage

Most of today’s media coverage, internal security budgets, and venture capital dollars are focused on new and exciting technologies, such as next-generation endpoint solutions, user behavior analytics, and others. However, one equally important area that often receives little attention is security education and awareness for company employees. The majority of successful attacks target end users…

Detecting Sticky Key Backdoors

If there is one thing I’ve learned about cyber security over the last fifteen years, it is that we are stronger as a community than alone. In that spirit, I wanted to share a PowerShell scanner I wrote to detect the presence of a Sticky Key backdoor on a Windows system. You can find a…
