Archive by Author

Cybersecurity Awareness Month – should this even be a thing if awareness isn’t working?

If I’d written this last week, the post would have been very different.  I would have pondered whether cybersecurity awareness month should even be a thing. Granted I live in the infosec echo chamber, but I often wonder how many out there aren’t already inundated with information about staying safe online.  Does one more phishing […]

Should Antivirus software be part of your threat model?

Should Antivirus (AV) software be part of your threat model? Strictly speaking, yes, it probably should be. AV is potentially dangerous to an organization and should be tested thoroughly before being deployed. As argued in the recent WSJ article about Kaspersky (note that the article is behind a paywall), AV software could threaten the […]

Equifax Breach – Early lessons learned and six point action plan

In this post, we’ll discuss a few early lessons learned from the Equifax breach announced yesterday.  We’ll also recommend a six point plan to avoid becoming “the next Equifax” based on what we know today about the breach. Rendition is in no way involved with the breach assessment for Equifax and we have no inside […]

Five steps to prepare for a ransomware attack

Like many information security firms, Rendition Infosec has worked many ransomware attacks over the last several years.  If you’re reading this post, you probably know about the obvious things you can do to prepare for a ransomware event.  We often talk about having good backups (and testing them).  We also know that most ransomware is […]

The need for dump analysis in Cyber Threat Intelligence (CTI)

Over the last year, there have been numerous dumps of stolen classified data posted on the Internet for all to see.  The damage from these dumps has obviously been huge to the US intelligence community.  In this post, we won’t discuss the actual damage of the dumps to the intelligence community (many others have already […]

Software plugins/extensions should be part of your threat model

Over the last few months we’ve seen multiple cases of warnings about plugins and extensions for various software packages threatening the security of users. We’ve recently seen the Copyfish and Web Developer Chrome plugins compromised and used to push malware to users. While Chrome is likely safe and should probably not be considered a […]

An important consideration for “bug bounty” programs

The US DoJ recently released guidance on running vulnerability disclosure programs (aka bug bounties).  The document is nothing earth shattering, but does provide some free advice to organizations considering such programs. Rendition’s advice to organizations considering a bug bounty program? Think VERY carefully about how it will impact your monitoring and detection strategies. People looking […]

Is Kaspersky “inappropriately removing” files?

In a Reuters article yesterday, former FBI employees commented on the case investigating Kaspersky and reported a serious allegation against the Russian antivirus giant. According to the article: Two former employees and a person briefed on the FBI case told Reuters that Kaspersky software has at times inappropriately inspected and removed files from users’ machines […]