Prologue – Think Like a Hacker

June 19, 2017June 30, 2017 ~ Michael J. Melone ~ 1 Comment

Think Like a Hacker is designed to take an IT professional with an interest in cybersecurity on a journey through how an attacker thinks about a network, while posing new theoretical models on how to analyze their network through the lens of a targeted attacker. This book is not be your typical security book that focuses … Continue reading Prologue – Think Like a Hacker

Am I Pwned? – 5 simple ways to help determine if you should be concerned about malware you discover on your network

January 21, 2015January 24, 2015 ~ Michael J. Melone ~ Leave a comment

One of the difficulties involved with malware analysis is determining exactly how concerned you should be when you find a new sample on your network. Categorizing malware does not require high cost tools and access to subscription-only databases (although these can help). The following is a list of ways to help determine how concerned you should … Continue reading Am I Pwned? – 5 simple ways to help determine if you should be concerned about malware you discover on your network

Understanding MS14-068

December 22, 2014January 24, 2015 ~ Michael J. Melone ~ Leave a comment

In November 2014, Microsoft issued a critical patch addressing a Kerberos issue on domain controllers. This vulnerability enables an attacker to leverage any authenticated session to create a Kerberos ticket which can have any group membership in the Active Directory domain, to include membership in domain admins, schema admins, enterprise admins, or BUILTIN\Administrators. In addition, a … Continue reading Understanding MS14-068