A New Cold War – with Many Sides
August 28, 2014, Rick Dakin, CEO, Co-founder and Chief Security Strategist
A New Cold War – with Many Sides There’s a lot we still don’t know about the FBI’s investigation of the data theft at JP Morgan Chase & Co. Criminal hackers based in Russia were targeting U.S. financial institutions long before Russia annexed Crimea or the West responded with sanctions. Is this truly a state-level act? Is it more than a coincidence that the attacks on our financial institutions follow a series of relatively effective sanctions against Russian financial interests? Or is it just another money-making venture by a Russian hacker network?
Please make sure you have offline backups
June 11, 2014, Adam Sarote, Director, Coalfire
This ransomware has hit not only personal computers, but also organizations, including a town in New Hampshire. This particular attack was carried out when an employee opened a seemingly legitimate email attachment, once again reminding us of the ever-present danger of social engineering. Read more
It wasn't raining when Noah built the ark
April 01, 2014, Craig Billado, Forensic Analyst, Coalfire Labs
This month movie-goers around the world will flock (possibly two-by-two) to see Darren Aronofsky’s ‘Noah’—a silver-screen adaptation of the timeless biblical story, starring Russell Crow and Jennifer Connelly . Whether one interprets the flood narrative literally or figuratively, this fact remains: the time to prepare for disaster is not after the fact but beforehand. This is true whether the calamity is divine or human in origin.
Penetration Testing Frequently Asked Questions
October 29, 2012, Mike Weber, Vice President, Coalfire Labs
You may have noticed this recent article about Google’s contest that rewarded a hacker for discovering a vulnerability in Chrome. Once Google verified the vulnerability, they were able to fix the bug and issue the cash prize to the hacker. This is a very public example similar to what Coalfire Labs does every day - working with security leaders to test their security programs.