Risk Advisory Alex Muentz Risk Advisory Alex Muentz

WannaCry as the Regulatory Brown M&M

If you were under a rock for the last few weeks, WannaCry is one of those cyber-security events that made it into regular news. If it hits NPR, that means everyone who knows me or at least strikes up a conversation at the bar will ask me my opinion.

Read More
Enterprise Security Guest User Enterprise Security Guest User

Roll for Initiative

I had the privilege of being at the Microsoft Security Response Center during the formation of their incident response planning. It’s a challenging thing to create as well as maintain. The concept of removing people from the equation and supplying a base level playbook is integral to the difference between a security incident bouncing bad or bouncing to a level where it can be handled.

Read More
Risk Advisory Alex Muentz Risk Advisory Alex Muentz

Compliance as a Cost of Customer Acquisition

If you're like many of our clients, you're in customer acquisition mode. You've spent a bunch of money to build your product or service, and the marginal cost to support a new customer is relatively small. They're buying the same thing everyone else is, so there's some additional load you need to meet.

Read More
Guest User Guest User

Reverse Engineering Firefox and TOR Targeted Payload

This week, an exploit targeting Firefox and the Tor Browser was released, giving us a chance to exercise the capabilities of Lotan. In order to conduct an analysis, we extracted the shellcode from the exploit (the 'thecode' variable) and side loaded it into a bastion crashdump (see VirusTotal sample).

Read More