The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, Retail, Financial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • Black Hat 2017: training, cybersecurity trends and end-point protection

    August 03, 2017

  • Just a Few Seats Left at the Coalfire Adaptive Pen Testing Training at Black Hat!

    July 18, 2017, Communications Team, Coalfire

    Black Hat is just around the corner, and Coalfire is gearing up for the best Adaptive Penetration Testing Training yet! We’ve ‘adapted’ the Adaptive Penetration Test Training course with new instructors, enriched content, and new labs to provide the richest training to date. The revised training now includes exploitation and post-exploitation for Linux as well as an after-hours bonus, Social Engineering “practical” exercises. Demand has been high – we’ve sold out the July 22-23 class, but we’ve got just a few seats left for our July 24-25 class. Save $100 on those last seats if you register before the 21st!

  • Petya/NotPetya: What It Is, and What You Can Do Right Now

    June 27, 2017, Mike Weber, Vice President, Coalfire Labs

    Just when we thought there were no more tears left in the wake of WannaCry, it’s time to pull out the tissues yet again for the latest global cyber incident: introducing “NotPetya,” the most recent ransomware variant to creep across continents and affect companies across many industries. Please read on for helpful information on how to prevent a NotPetya attack, as well as minimize propagation across the network.

  • Ransomware: the anatomy of paying a ransom to decrypt hostage files

    May 25, 2017, Bryce Bearchell, Security Consultant

    Ransomware is on the rise, and clients seeking to understand the process can learn from this client's story what to expect and how to handle a ransomware attack. Recently, a company facing a malware infection approached us to help them deal with the encryption of most of their servers across their domain. This also included systems that held online backups, and there was no offline backup solution (that's a topic for a whole different blog post). The company had discovered a ransom note on their affected systems, along with data files that had been deleted and new files created in the format of <original_filename>.whereisyourfile that appeared to be encrypted.

  • Information and guidance for dealing with WannaCry

    May 15, 2017, Mark Lucas, Vice President, Chief Information Security Officer, Coalfire

    Coalfire continues to closely monitor the WannaCry ransomware attack. Much has been written over the past few days about the attack. For those of you who may not have had time to review in detail and assess appropriate actions for your organization, we wanted to provide summary information.
