Information Security and Network Awareness

Hurricane Labs

Subscribe to Hurricane Labs: eMailAlertsEmail Alerts
Get Hurricane Labs via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by Hurricane Labs

No matter what facet of information security you're in, from being the CISO down to just installing security patches and keeping up to date, there will probably be a point where you need to see the details of a hack. Maybe it's because you need to fingerprint what it does or how it acts on your network. Maybe it's because you need to be able to reproduce it in a penetration test. Either way you look at it, sometimes you just need to test something out. Obviously, this could go one of a few ways. You could execute these hacks on your network. This could lead to potentially bad outcomes, especially if you break something. The next option is to try it out on someone else's network who doesn't know. (Read: ILLEGAL!). The last option, and also the one we use over here at Hurricane Labs, is a lab environment. A lab environment is simply going to consist of a bunch of diffe... (more)

Nothing New Under the Sun

I recently wrote a couple of to-be-published articles basically laying out all the reasons why we as security professionals should not be running away from so-called "new" technology. Essentially I am asking that we take the time to really understand what's so new about this stuff. SmartPhones, the "cloud", etc these are all repackaged versions of old technology. We're terrified of them because we think we don't understand them. The sad part is, we don't. We seem to be under the impression that all new technology is bad and inherently insecure, it isn't. It's not any more insecu... (more)

Corporate Forensics: Security, Not Law Enforcement

Corporate Forensics: Security, Not Law Enforcement By: Tom Kopchak The term forensics stirs up vivid images: Crime scenes littered with obvious and equally less obvious evidence. Investigators toiling to bring a heartless criminal to justice. Video game consoles covertly storing secret files. A perfectly detailed account of the exact causes and motives of a crime. Police chases. Gunfire. All neatly solved in a half hour or less. Unfortunately, the popular view of forensics is often in stark contrast with reality. The computer forensics field requires significant quantities of ted... (more)

7 Steps to Effective User Education

7 Steps to Effective User Education By: Bill Mathews There has been a lot of debate recently over the merits of user education, specifically in the security awareness arena. The questions range from, “is it worth it?” to “why aren’t we doing more of it?” and everything in between. But the biggest question is: How do we make it better? The answer, as usual, is a little tricky, so I decided to post a few tips from my experiences as a trainer and as a student. 1: Organize Smaller Training Groups I have found that having no more than 5 to 8 people in a session leads to better discuss... (more)

Looking for a Little 'Big Data' Clarity? By @_RyanOConnor | @BigDataExpo #BigData

Time to Put Some Big Data Misconceptions to Rest by Ryan O'Connor As a recent graduate, and now professor in the University of Connecticut's Business Analytics and Project Management masters program, I have a lot of conversations surrounding the topic of "Big Data" and questions such as, "What does that term actually mean?" Big Data is a fairly new topic and what seems to be an elusive term for many. Conversations are important to help bring clarity to Big Data, as well as generate ideas about how we can shape, not only what it is, but also the future of where it's going. Not th... (more)