June 22, 2018

Author: Jake

Common SIEM Problems

As there’s been a lot of SIEM hype over the last few years, I thought I’d go over a few common problems I’ve come across whilst deploying new, and fixing existing, SIEM deployments. This won’t be a complete list, but just some of the most common. I may update this post from time to time. […]

Crypto Jacking – The New Threat

In this post I will discuss the new threat of Crypto Jacking – what it is, where it came from and why you should be on the lookout. What is Crypto Jacking? Crypto Jacking is where malicious code is installed on your infrastructure/computer with the aim of using your processing power to mine Crypto […]

DNS Sinkhole – What is it & Why do I need one?

In this post I will talk about DNS Sinkholing, what it is and how it can help you identify potentially infected machines. Useful in the fight against malware such as viruses, Ransomware and Crypto Jacking! What is DNS? Domain Name System – in very basic terms, the internet (and local networks) are all routed by […]

FortiGate :: HA Routed Failover w/ Session Failover

A recent requirement that came up was for there to be a redundant pair of firewalls, which allowed for session failover and configuration synchronisation, and also maintained different external IPs and separate BGP peering. A niche request, but something that was supported with FortiGates. Below are some configuration examples to achieve this. Config and Session Sync […]

Security Concerns :: Ransomware

Working for a security consultancy/MSSP business, I come across a lot of customers who in the past have gone to companies seeking advice on a particular security threat that is getting more media attention at that particular moment. More often than not, the “Security Expert” (salesman…) sells them a device; promising them it will fix all […]

Kali Linux :: Email Harvesting

In this post, I will show you a tool in Kali Linux that’s able to harvest email addresses that are publicly available on the internet. Why do I want to harvest emails? When working with a company to run a phishing campaign against you (for testing purposes), or indeed a hacker running a malicious phishing […]

CISSP :: Security and Risk Management – Part 1

The first domain we will discuss in my series of CISSP articles will be Security and Risk Management. I will break this down across several posts, with the intention of keeping them “bite-sized” and easier to take on board. I will use the (ISC)2 defined sub-categories of each domain as headings during my posts. Confidentiality, […]

CISSP :: Certified Information Systems Security Professional – Introduction

I have set myself a task this year to achieve CISSP – Certified Information Systems Security Professional. CISSP is a globally recognised certification that encompasses a broad range of IT Security topics. It’s vendor-neutral and well regarded in the industry. To become a CISSP, you must meet the following: You must have completed a minimum of […]

VMware :: Clone a VM without vCenter

VMware ESXi is a great free tool for any home lab, but something that is missing is the ability to clone VMs – a feature reserved for customers with vCenter. Well, there is a relatively straightforward process that will enable you to duplicate your VMs and I will show you how in this post. […]

Firewall Troubleshooting :: CLI Packet Captures

In this post, I will cover the CLI-based packet capture functionality for two firewalls; these are FortiGates and Check Points. Each has slightly different commands, but the results are fairly similar. This post will hopefully be of use for environments with multiple firewall vendors, or where you support multiple customers with differing firewall vendors. What […]