Benjamin Langrill

Blog by Benjamin Langrill

Your concerns might include:

  • Are they needed for effective protection?
  • Are they worth the money?
  • Do they just gum everything up?
  • Are they tough to remove?
  • Do they open me up to online attacks?

These are all valid concerns, and for most people basic cyber hygiene is all you need.

...

22.06.24 02:44 AM - Comment(s)

The Microsoft security bulletins for May 2019 included CVE-2019-0708, soon known as BlueKeep. It was a wormable exploit, meaning that it could remotely take over a system with no interaction and then continue spreading to other vulnerable systems. It was an exploit in the Remote Desktop Protocol, ubi...

21.06.24 02:46 AM - Comment(s)

Data from actual cyber-attacks shows that most ransoms are in the 2-5 percent range. This is a good starting point and can be further refined by going through some factors that cybercriminals consider when setting the amount.

First, think through the motivation of the cybercriminal. ...

19.06.24 01:51 AM - Comment(s)

Suppose a criminal group called CyberL33t developed a zero-day vulnerability for a Microsoft SQL Server. CyberL33t spent about 200 hours learning about exploit development and studying SQL Server itself. Time to go hack some businesses!

He now has to target the exploit…and the company he wa...

19.06.24 01:51 AM - Comment(s)

Yes, and it is complementary to others like MITRE ATT&CK and NIST. Cyber frameworks like these are limited by their attempt to be holistic. For example, MITRE ATT&CK states right up front that it is a "knowledge base of tactics and techniques based on real world observations." Thi...

18.06.24 03:20 AM - Comment(s)