Author

Rick Ross (ISG)

The Case of the Mysterious Lockout

A client contacted me recently concerned that someone was locking out user accounts, but the client couldn’t see the source of this activity in their SIEM. Had it been implemented properly? Was there a bug or problem with the system? Maybe the logs weren’t being parsed properly. Inquiring minds want to know! I like a […]

The Equifax Hack – The Ingredients for Misery

  On Sept 7, 2017, Equifax announced they were hacked sometime between May and July of this year. The incident potentially impacts around 143 million U.S. consumers, exposing names, Social Security numbers, birth dates and more. All the ingredients identity thieves need to cook up some misery. Obviously, we all have reason to be concerned by this […]

Blackmail, Extortion, Ransom and You

  I recently read about a Ransomware attacker who’s offering to unlock infected computers if the victim assists in infecting other people they know. Wow, how insidious is that? Think about this in a corporate setting. Do you think any of your colleagues would hang you, or the company, out to dry to save their […]

Is your manual Incident Response up to snuff?

              Do you believe what the security experts say? That bad actors will penetrate your network, so it’s not a question of “if” but “when”? Believe it or not, it’s true. The evidence is clear that even well-funded security teams can’t keep hackers out.  The paradigm has shifted and […]

Contact Us Close