In the arsenal of cybersecurity defenses is the series of exercises that go by the name of red team/blue team simulated attack. These simulations are purposely designed to closely mimic actual real-world conditions. For example, one of the red team members would take on the role of an employee clicking on a phishing link that deposits malware on the network. The defending team members must then find this malware before it spreads across their network and infects web servers and other applications. To make things more realistic, the simulation replays real network traffic to obscure the attacks, just like in the real world.

In this piece for CSOonline, I discuss the difference between the various colored designations, why you would want to conduct these exercises, and some recommended steps to take to pull this off.

Linode has published an excellent series of red team exercises that is worth looking at.

The often-exploited Remote Desktop Protocol (RDP) is once again in the news. This time, it has a new attack vector that was discovered by researchers and subsequently patched earlier this month by Microsoft. Given that all versions of Windows for the past 10 years – for both desktop and server – need to be patched, you should put this on your priority list, especially since this new problem can be easily exploited. In my latest post for Avast’s blog, I describe what this new challenge is about and ways that you can minimize any potential expoits.

One of the biggest threats facing both large and small businesses alike goes by the moniker credential stuffing. In these attacks, the bad guys count on our reuse of passwords across two or more logins, and once they find a user name/password that works, they try to use that information to break into our other accounts. Akamai, in its latest State of the Internet report, says that it has seen over 193 billion credential stuffing attacks in 2020. These attacks can cost billions of dollars annually, when adding up the cost of remediating the problem, handling all the user calls for password resets, and changing other operations. The office of New York Attorney General Letitia James has found thousands of posts containing login credentials that had been tested in credential stuffing attacks. In order to combat credential stuffing attacks, James’ office recently released a business guide.

You can read more about ways to fight credential stuffing attacks in my latest post for Avast’s blog here.

Edward Snowden and Pulitzer Prize-winning journalists Glenn Greenwald and Chris Hedges have recently come together in a video conference call moderated by Amy Goodman of Democracy Now. In the video, the group talks about the past eight years of privacy problems and other significant events. After Snowden leaked documents from the NSA and left their employment in 2013, he has been living in Moscow and since charged with violating the Espionage Act. I review the discussion in this blog post for Avast and explore his history, the state of affairs around Julian Assange’s self-imposed exile in London, and the relationship between governments and individual privacy in light of the NSA’s mass surveillance that was revealed by Snowden.

A years-long research effort between computer scientists at Stony Brook University and private industry researchers have found more than 1,000 new and more sophisticated phishing automation toolkits across the globe. What’s interesting about this effort is these tools can help subvert the multi-factor authentication (MFA) of just about any website using two key techniques, man-in-the-middle (MITM), and reverse web proxies. In my blog post for Avast, I talk about how the attack works, how these tools were found in the wild, and what you can do about them to keep using MFA to protect your own logins.

The US Cyberspace Solarium Commission’s latest report, entitled Countering Disinformation in the US, is the latest analysis to come from this two-year-old bipartisan Congressional think tank. The report, which was released earlier this month, takes a closer look at the way disinformation is spread across digital networks and proposes a series of policy actions to slow its spread using a layered defense.

Whether or not the US Congress will take up these recommendations is hard to say. Certainly, the current hyper-partisan split won’t make it easier. You can see the move away from bipartisan bill sponsorship as documented by the report in the graph above. You can read more in my post for Avast here.