Watering hole attack prevention

Watering hole attack prevention

A watering hole attack is an indirect attack on a victim. Rather than directly attacking the victim’s network, the attacker attacks a web site that the victim’s employees are likely to visit. Then the attacker attacks the victim’s network, via its own workstations, from that web site. A former colleague asked me how you protect against watering hole attacks, and I thought this was a good exercise. So here are some strategies for watering hole attack prevention.

Read more

Vulnerability scanning best practices

As a vulnerability management professional, I talk about vulnerability scanning best practices a lot. There’s a lot more to vulnerability management than just scanning, but if you don’t get scanning right, the rest of the program suffers.

I’m going to talk about a lot of technical controls here, but don’t forget the nontechnical side. People and processes have to support all technology.

Read more

Common security attacks and countermeasures

As a security professional, I talk to a lot of people about common security attacks and countermeasures. I’m not always certain the people I’m talking to know what these things mean. I am almost certain they aren’t willing to ask.

I know it’s more complicated than it was when I took my Security+ exam a decade ago. The stakes are much higher now. The attacks I had to identify caused inconvenience, but someone conducting a successful smurf attack on your printer won’t get you in the headlines. Today’s attacks will.

Read more

What to look for in a USB flash drive

What to look for in a USB flash drive

USB flash drives are pretty much a necessity these days. They’re far more convenient for moving files around than optical discs, and they make good backup devices. But not all USB flash drives are created equal. Here’s what to look for in a USB flash drive.

Here’s a tip: I don’t just use USB flash drives for transporting data and backups. I like to keep a modest-sized USB flash drive plugged into my router, turning it into a small NAS. It gives me a convenient, reliable place to back up data from any of my computers.

Read more