kkostreva@guardsight.com

About Katherine Kostreva

This author has not yet filled in any details.
So far Katherine Kostreva has created 109 blog entries.

TomCast XLVI: CIA Triad, Part III

2023-01-31T21:16:21+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today we are going to wrap up the three part series on the CIA Triad, the very foundation of cybersecurity. We’re focusing on that last letter today; the letter A. Remember what that letter stands for? Availability, for those of you that are tuning in ... Read More

TomCast XLVI: CIA Triad, Part III2023-01-31T21:16:21+00:00
GSPBC-1062 - Command and Control - Application Layer Protocol

GSPBC-1062: Command and Control – Application Layer Protocol

2023-01-31T20:25:15+00:00

Application Layer Protocol Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server. Adversaries may utilize many different protocols, including those used for web browsing, transferring files, electronic mail, or DNS. For connections that occur internally within an enclave (such as those between a ... Read More

GSPBC-1062: Command and Control – Application Layer Protocol2023-01-31T20:25:15+00:00
Iron Bow Acquires GuardSight

Iron Bow Technologies Acquires GuardSight Inc.

2023-01-26T03:28:58+00:00

Iron Bow Technologies, the leading technology solutions provider to government, commercial, education, and healthcare markets, today announced it acquired GuardSight Inc., a cybersecurity operations as a service (SECOPS) and managed detection and response (MDR) company that serves businesses and organizations across the U.S. The acquisition will enhance Iron Bow's existing cybersecurity solutions portfolio, combining its public-sector cybersecurity engineering capabilities with GuardSight's private-sector SECOPS and MDR capabilities. With GuardSight, Iron Bow will provide a more holistic cybersecurity ... Read More

Iron Bow Technologies Acquires GuardSight Inc.2023-01-26T03:28:58+00:00

TomCast XLV: CIA Triad, Part II

2023-01-10T04:05:21+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today we are going to continue the three part series on the CIA Triad, the very foundation of cybersecurity. Remember what the triangle is? Each point of the triangle is part of the triad. The C stands for Confidentiality, the I stands for Integrity, and ... Read More

TomCast XLV: CIA Triad, Part II2023-01-10T04:05:21+00:00
GSPBC-1061 - Reconnaissance - Gather Victim Identity Information

GSPBC-1061: Reconnaissance – Gather Victim Identity Information

2023-01-10T03:48:25+00:00

Gather Victim Identity Information Adversaries may gather information about the victim's identity that can be used during targeting. Information about identities may include a variety of details, including personal data (ex: employee names, email addresses, etc.) as well as sensitive details such as credentials. Adversaries may gather this information in various ways, such as direct elicitation via Phishing for Information. Information about users could also be enumerated via other active means (i.e. Active Scanning) such ... Read More

GSPBC-1061: Reconnaissance – Gather Victim Identity Information2023-01-10T03:48:25+00:00
What is Cybercrime-as-a-Service?

What is Cybercrime-as-a-Service?

2022-12-28T00:56:27+00:00

As we step over the cybersecurity threshold from 2022 to 2023 and look down range, we can expect the bad guys to continue to become more aggressive and efficient at their profession. One primary area of their expansion and continuous improvement will be "cybercrime as-a-service." This ecosystem is flourishing and has lowered the barriers of entry for would-be cybercriminals. Anticipate that more miscreants will join their malevolent cohorts. The following are some areas of expected growth ... Read More

What is Cybercrime-as-a-Service?2022-12-28T00:56:27+00:00

TomCast XLIV: CIA Triad, Part I

2022-12-20T02:55:32+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today we are going to start a three part series on the CIA Triad, the very foundation of cybersecurity. As the cybersecurity realm continues to grow and expand many thinks of the subject matter as extremely complex and they have no idea where to start. ... Read More

TomCast XLIV: CIA Triad, Part I2022-12-20T02:55:32+00:00
GSPBC-1060 - Lateral Movement - Internal Spearphishing

GSPBC-1060: Lateral Movement – Internal Spearphishing

2022-12-20T02:35:38+00:00

Internal Spearphishing Adversaries may use internal spearphishing to gain access to additional information or exploit other users within the same organization after they already have access to accounts or systems within the environment. Internal spearphishing is multi-staged campaign where an email account is owned either by controlling the user's device with previously installed malware or by compromising the account credentials of the user. Adversaries attempt to take advantage of a trusted internal account to increase ... Read More

GSPBC-1060: Lateral Movement – Internal Spearphishing2022-12-20T02:35:38+00:00
How PBCs Convert Chaos Into Order During Cyber Battle

How PBCs Convert Chaos Into Order During Cyber Battle

2022-12-12T22:08:20+00:00

Did you know that the GuardSight team publishes free, open-source playbooks called Playbook Battle Cards (PBC)? Here's what PBCs are all about: PBCs are recipes for preparing and applying countermeasures against cyber threats and attacks. They are a prescriptive approach to combat various Tactics, Techniques, and Procedures (TTP) deployed by cyber threat actors. PBCs follow a PICERL model (Preparation - Identification - Containment - Eradication - Recovery Lessons Learned) and reference the MITRE ATT&CK framework. PBCs ... Read More

How PBCs Convert Chaos Into Order During Cyber Battle2022-12-12T22:08:20+00:00

TomCast XLIII: Cyber Skills Shortage

2022-12-05T02:18:47+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints.Today we are going to discuss a topic that is on the minds of several employers out there. That topic is the cyber skills shortage. First, I want to mention that I do not believe the shortage is as extreme as industry leadership seems to think, but ... Read More

TomCast XLIII: Cyber Skills Shortage2022-12-05T02:18:47+00:00
Go to Top