Nick Tausek, Author at Security Boulevard

Achieving Public-Private Coordination and Collaboration on a National Scale

security operations
I recently commented on two ways I believe the cybersecurity community can measure the new administration’s success in cybersecurity. Getting more talent into the workforce and closing the skills gap is something I will champion until the end of time! But I also recognize there are other goals and challenges ... Read More

How Do We Measure The New Administration’s Success in Cybersecurity?

News and Events
I have grown increasingly passionate about the effects of elections on cybersecurity, and like many administrations before them, it is no secret this administration will face serious cybersecurity challenges. Something I have been thinking about since Inauguration Day is what actually constitutes “success” in regard to cybersecurity at the government ... Read More

5 Best Practices for Safe and Secure Remote Work

News and Events
Thanks to the connected world we all live in, working remotely is becoming increasingly popular and for good reason! Benefits to working from home include hiring for talent rather than geography (Swimlane has been doing this since day one!), having a more flexible work schedule, limiting commuter time, minimizing exposure ... Read More

Domain squatting, typosquatting and homograph detection with Swimlane

Use Cases
Introduction: Domain squatting, typosquatting and IDN homograph attacks are a combination of techniques used by malicious actors to harvest credentials from an organization, distribute malware, harm an organization’s reputation, or otherwise maliciously impersonate a legitimate domain. Techniques: These various attacks—which will be referred to collectively as “squatting” in this post—are ... Read More

Domain squatting, typosquatting and homograph detection with SOAR

Use Cases
Introduction: Domain squatting, typosquatting and IDN homograph attacks are a combination of techniques used by malicious actors to harvest credentials from an organization, distribute malware, harm an organization’s reputation, or otherwise maliciously impersonate a legitimate domain. Techniques: These various attacks—which will be referred to collectively as “squatting” in this post—are ... Read More

Domain squatting, typosquatting and homograph attacks

Use Cases
Introduction: Domain squatting, typosquatting and IDN homograph attacks are a combination of techniques used by malicious actors to harvest credentials from an organization, distribute malware, harm an organization’s reputation, or otherwise maliciously impersonate a legitimate domain. Techniques: These various attacks—which will be referred to collectively as “squatting” in this post—are ... Read More

Proactive credential dump hunting with SOAR

MITRE ATT&CK™ defines credential dumping as “the process of obtaining account login and password information, normally in the form of a hash or a clear text password, from the operating system and software.” The security information sharing network continues, “Credentials can be used to perform Lateral Movement and access restricted ... Read More

Proactive credential data dump hunting with SOAR

MITRE ATT&CK™ defines credential data dumping as “the process of obtaining account login and password information, normally in the form of a hash or a clear text password, from the operating system and software.” The security information sharing network continues, “Credentials can be used to perform Lateral Movement and access ... Read More

CVE-2019-0708: Wormable critical RDP vulnerability in older Windows versions

News and Events
On May 14, 2019, Microsoft released patches for a critical vulnerability (CVE-2019-0708) in Remote Desktop Services/Terminal Services affecting the following versions of Windows: Windows XP (all); Windows 2003 (all); Windows 7 SP 1 (32 and 64 bit); Windows Server 2008: 32 bit SP2, 32 bit SP2 (Server Core Installation), Itanium-Based SP2, 64 bit ... Read More

Windows patch released after critical RDP vulnerability

News and Events
On May 14, 2019, Microsoft released Windows patches for a critical vulnerability (CVE-2019-0708) in Remote Desktop Services/Terminal Services affecting the following versions of Windows: Windows XP (all); Windows 2003 (all); Windows 7 SP 1 (32 and 64 bit); Windows Server 2008: 32 bit SP2, 32 bit SP2 (Server Core Installation), Itanium-Based SP2, 64 ... Read More