Welcome!

Security through Intelligence

Cory Marchand

Subscribe to Cory Marchand: eMailAlertsEmail Alerts
Get Cory Marchand via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Cory Marchand

Malware analysis can be a time consuming process, especially when dealing with a sample from skilled attackers with time and money on their side . There is no doubt that fully reversing malware and finding out how it works is the most effective way to learn how to defend against it, but most businesses don't have the time or the professional resources to do it. There are ways in which you, a Computer Network Defender, can glean enough information from malware to be used in IDS and AV signature creation, DNS poisoning and blocking as well as sharing with the CND community. This can be accomplished in a cost effective manner (maybe even free) and in an efficient manner that can rival very long code based analysis.  There are even cases where in depth knowledge of how to fully reverse the sample is not needed. It should be noted that this is a low tech, high level mechan... (more)

Information Assurance Does Not Equal Information Security

When I was working on a network assessment team for one of my customers, I would routinely hear upset voices when we would present our findings. The most common thing that the executives would say was, “Wait a minute, aren’t we current on our updates? I saw the compliance report, and we were all green right?” “All green right?” What that Information Security Officer was referring to was a slide that was presented to him showing the level of compliance that the hosts on his network were currently reporting. To him, this meant secure.  It meant that all of his systems were patche... (more)

Social Networking - A Playground for Cyber Criminals

As a Security Analyst, I witness very sophisticated Advanced Persistent Threat (APT) attacks as well as low level cyber criminals attempting to steal bank information, credit card data and website login credentials. One commonality that the cyber criminals and the APT share is the method for gaining access to information, which typically occurs through an end users email. When it comes to the criminal element of cyber attacks, I am often amazed at the lack of sophistication and effort that is asserted against their victims. It leads me to ask the question, "How on earth are these... (more)

Security Awareness Training: The Single Most Important Cost in IT Security

Ok, ok, I know the title is a tad dramatic but hear me out on this one. A well-known computer security professional and former NSA research scientist wrote an editorial back in July 2012 stating, "Money spent on security awareness training, is money wasted." Dave Aitel , a respected individual in the world of Computer Security and current CTO of Immunity, made this statement in light of the fact that several high profile intrusions had occurred at the hands of employees who were targeted in spearphishing attacks, some of which lacking in sophistication. I disagree with the above ... (more)

Addressing the Root Cause – A Proactive Approach to Securing Desktops

The computers on your network are protected from malware right? If you are operating an environment based largely on Windows based PCs you likely have some kind of anti-virus installed and centrally managed. If you have purchased a more complete desktop protection suite, you probably even have a Host Based IDS/IPS protecting your machine from incoming malicious TCP scans, or possible outbound connections to known malicious sites (like google.com occasionally). Operating system firewall activated? Yep! AV signatures current? Check! Global Threat Intelligence updated? Uh, yeah....s... (more)