blog

Blog

Beware of the Office 365 Compromise

There’s an old saying that a bad day fishing is better than a good day doing anything else. Many cyber thieves might agree that applies to phishing, as well, particularly if they put some extra effort into their endeavor.

Counter-Punching Anti-Debugging Methods with WinAppDbg and Python - Part 1

~ by Britton Manahan Introduction Advanced dynamic malware analysis through debugging can unlock invaluable insights into an unknown binary. However, sophisticated malware authors aren’t going to simply allow their programs to hand over their secrets to a debugger. Many of the anti-debugging techniq...

Are you Ready for GDPR?

The General Data Protection Regulation (GDPR) is a European Union regulation on data protection and privacy for all individuals within the EU’s 28-member countries. When it goes into effect on May 25, 2018, it will require companies that collect personal data on European Union citizens to comprehens...

What We're Reading for May 2018

Meanwhile, Verizon’s 2018 Data Breach Investigations Report is available.  In addition to updated stats on where and how security incidents are happening, the report indicates that the security processes and technologies put in place are proving their value. The challenge is that now there is so muc...

Of Note @ Crypsis ...

The Crypsis Group is expanding the senior ranks of our Los Angeles office with the addition of Matt Armstrong as principal consultant. Matt comes to us from the L.A. office of cyber security firm Stroz Friedberg, where he served for five years leading teams of consultants on digital forensic investi...

What We're Reading for April 2018

The Cisco 2018 Annual Cybersecurity Report is out. This year’s edition says that malware sophistication is increasing as adversaries begin to weaponize cloud services and evade detection through their own encryption. Noting that 50 percent of global web traffic was encrypted as of October 2017, it s...

Of Note @ Crypsis ...

The Crypsis Group has opened a new office in Austin, Texas.  It will be staffed by Crypsis cyber security experts and serve clients in the region who have a need for the company’s data breach incident response, cyber risk management, and digital investigations and forensics services. This brings to ...

The Axis of Hack-sis?

Recent events are bearing out the Worldwide Threat Assessment of the U.S. Intelligence Community, delivered to Congress in February by the Director of National Intelligence Dan Coats, which pointed a finger at Russia, Iran and North Korea as states that are using cyber operations as a low-cost tool ...

Crypsis ... periodically | December 2017

U.S. Government Blames N. Korea for WannaCry Earlier this month, the U.S. government formally accused North Korea with carrying out the WannaCry cyber attack, a ransomware virus that disrupted computers and networks around the world and caused billions of dollars in damage earlier this year. In an o...

Crypsis ... periodically | November 2017

NSA Hack There has been a lot of attention focused on the data breach at the U.S. National Security Agency, reportedly by a group known as the Shadow Brokers. The New York Times reported that the NSA had been deeply infiltrated by the group, with the damage already exceeding that done by Edward Snow...