
Cyber Security Group

Results for Cyber Security Group

Part 2: Botnet Infrastructure. Welcome to the second in our series of blog posts on malware evolution and its impact on Incident Response. In our first installment we focused on how ...
Blog Entry by Bob Burls | 13 Oct 2014 | 0 comments
Last month, I had the privilege of visiting Sydney, Australia to open our newly expanded office and Security Operations Center (SOC). I arrived in Sydney early in the morning and as I approached the hotel, I got my first glimpse of Sydney Harbor and ...
Blog Entry by Samir_Kapuria | 26 Sep 2014 | 1 comment
In order to optimise the success and operation of a franchising model, which could be an organization with affiliate or agent offices, we recommend there should be IT security standards set that the franchisee adheres to. Whilst generic standards and ...
Blog Entry by Bob Burls | 24 Sep 2014 | 0 comments
The examination of prefetch files is commonly done during live response. They are easy to grab, quick to analyze and can provide useful information when investigating malicious activity. Here is what information we can glean from the prefetch: ...
Blog Entry by Jamie Porter | 11 Sep 2014 | 6 comments
The term incident response means a lot of things to a lot of people. Historically, words like “unpleasant” or “chaotic” come to mind when thinking about the last time many organizations responded to the suspicion of a compromise by ...
Blog Entry by Clint M. Sand | 05 Aug 2014 | 1 comment
I have a calendar alert that goes off at 9:30 AM to “Reach out to Layer 8”, which is a little project I devised for myself. When the reminder fires, I open a file called “Friends.txt” that contains several people’s names, departments and phone numbers. ...
Blog Entry by Matt Sherman | 04 Aug 2014 | 4 comments
In the previous installment we examined default Apache logging. Now let's pump up the default Apache combined log format in order to supercharge forensic capability! We'll utilize the "LogFormat" directive in order to define ...
Blog Entry by Vince Kornacki | 04 Aug 2014 | 0 comments
The term live response is being heard more and more frequently, but what exactly is it and how does it differ from traditional forensics? Live response and traditional forensics have a lot in common in that they both are looking for similar ...
Blog Entry by Jamie Porter | 04 Aug 2014 | 6 comments
Yara is a tool that Symantec uses on incident response engagements in order to help us respond quickly and triage hosts while our security team is prepping signature updates for our affected clients. Yara is a very popular tool among security ...
Blog Entry by Trent Healy | 04 Aug 2014 | 7 comments
When the kids at the schools where I speak ask me what I do for a living I don't tell them I postulate about quantifying the loss of opportunities when we delay a response to an incident or malicious cyber-attack. I tell them I help the world ...
Blog Entry by Robert Shaker | 04 Aug 2014 | 0 comments