The Data Cleaner

    Understanding the Cyber Kill Chain By Bradley Milburn   The cyber kill chain is a framework developed by Lockheed Martin to describe the stages of a cyber attack. It breaks down the process into distinct phases, which helps organizations understand how attacks unfold and how they can be detected and mitigated at each stage. The traditional cyber kill chain consists of seven stages:   1 . Reconnaissance  - The attacker gathers information about the target, such as identifying potential vulnerabilities, gathering email addresses, and understanding the network architecture. Passive Examples: -     Whois -     Google -     Job listings -     Company website Active Examples: -     Nmap -     Port scanning -     Banner grabbing -     Vulnerability scanners (APT’s tend to do this over a long period of time to better avoid detection)   Ways to protect to a business network: -     Network Security - Firewall Configuration, Intrusion Detection Systems (IDS), Disa...

  MORALLY INDEFENSIBLE  Microsoft, On January 12th detected an uninvited & dangerous guest in its IT systems. Within a few days it attributed the raid on emails of its “senior leadership” and cybersecurity team to Russia’s Foreign Intelligence Service.  The group has been attacking IT service providers in both Europe and the US. On 25 January, Microsoft published a quick analysis of how Russia's Foregin Intelligence Service hit its systems and said it was notifying other victims. Below is an understanding of what has happened, some informed speculation about the attackers’ lateral movement that may be useful for network defenders. 1. Russia's Foregin Intelligence Service  breached a Microsoft “test tenant” account. It was left sitting with no MFA and without a robust password. They tailored their “password spray” attacks to a limited number of accounts, using a low number of attempts to evade detection and avoid blocks based on the volume of failures. They atta...

 The Pig Butcher This technique is really interesting because it is a display of how people can manipulated by scammers using such diverse tactics. It's modern take on dated amatuer scamming techniques. 'Pig butchering' scams involve victims being effectively 'fattened up' with a fake romantic relationship before being 'butchered' by fraudulent investment advice. It works by scammers posing as love interests on dating sites then convincing their matches to invest in bogus cryptocurrency schemes.  Case that caught my eye: There has recently been a story in the news about a particular cyber scam network. They are run by powerful Chinese syndicates in Southeast Asia. Gaining Trust: The scam often begins with casual conversations initiated by the scammer. These initial interactions are designed to build trust and in many cases involve the use of attractive profile images to lure victims. Introducing the Investment: As trust is established, the scammer introduces...