Cybersecurity Blog: The Cyber Scene is evolving, are you?

Return to blog
Kurt is a Cyber Intel Analyst on the Leidos Commercial Cyber Services team. His primary focus is on analyzing and understanding APT tactics, techniques, and procedures - activities include network monitoring, incident response, and detection development. Kurt holds a MS in Security Informatics from Johns Hopkins University and a BA in Business Administration from Rhodes College.

Spear Phishing
noun

The fraudulent practice of sending emails ostensibly from a known or trusted sender in order to induce targeted individuals to reveal confidential information.
"spear phishing represents a serious threat for every industry"

How does this serious threat effect your organization? We’ve built a detailed analysis of how one adversary takes a very personal approach to the classic supply chain attack. It analyzes the attack end to end, using the Cyber Kill Chain® analysis framework, including review of how a targeted email was delivered and weaponized.

Note: All names are fictional, and any resemblance to real people or companies is unintentional.

Read more

A discussion on sharing threat intelligence while balancing business objectives with cyber defense strategies.

I had the pleasure of attending the SANS CTI Summit a couple weeks ago. The red carpet was rolled out and all the industry’s biggest stars were there to talk about the most pressing topics facing the InfoSec world today. While there was a lot of consensus and agreement on items like what constitutes real intelligence and the power of harnessing internal resources, there were some lingering questions as well. Although everyone agreed that sharing with your friends is a good thing (circle of trust), there was some contention around publicly reporting Advanced Persistent Threat (APT) activity.

Read more