5 min read
Using Selectors For Open Source Intelligence
By Adam Gayde, Robert Raines, and Matthew Brock on Oct 20, 2020 10:12:23 AM
A “selector” is not a generally defined term in enterprise security, but selectors are important for understanding open source intelligence and investigations in the digital realm. Building on our previous technical blog defining a selector, we will be diving deeper into selectors and how they enable external threat hunting, attribution, and open source intelligence analysis.
8 min read
The Myth of Complex Passwords
By Dev Badlu on Sep 16, 2020 11:06:03 AM
Password reuse is one of the most pervasive security concerns for enterprise information security teams. It’s an easy way for an adversary to gain initial access if two-factor authentication is not properly implemented and, more importantly, it provides the ability to move laterally in a network and escalate privileges, thus compromising critical data.
Below is a deep dive into the art of passwords, and how this can play out in both directions.
7 min read
What is a Selector in the World of Digital Crime?
By Adam Gayde, Michael Eller, and Matthew Brock on Sep 9, 2020 9:36:30 AM
Every hour of every day, criminals, nation states, and fraudsters around the world commit attacks using phone numbers, email addresses, and social media handles. We call these “selectors,” i.e. the technical attributes of an online entity.
4 min read
Five Critical Data Source Considerations for Adversary Attribution
By Jonathan Neuhaus & Adam Gayde on Aug 12, 2020 12:31:41 PM
Strong intelligence is the base of adversary attribution; nothing can replace the holistic picture created by technical indicators in combination with HUMINT and OSINT sources.
Cyber Diligence Provides Actionable Intelligence to M&A Teams
By Travis Peska, Vincas Čižiūnas, Jared Hudson on May 27, 2020 5:40:31 PM
Large companies take robust consultative approaches to integrating networks and applications post-acquisition. Rarely do acquiring security teams have the resources or cost-effective internal processes to do their own investigative cyber diligence on a pending acquisition. The most cost-effective option is intelligence analysis conducted “outside of the firewall”: analysis of unique data that combines automation and human investigation to provide timely and accurate insights into key man risk, network security, negative press, and infrastructure and network vulnerabilities. Informed by this analysis, “on-network” compromise assessments can then provide a comprehensive inspection that lets the acquiring party move forward confident it is on stable ground from a security perspective.