About Katherine Kostreva

So far Katherine Kostreva has created 42 blog entries.

TomCast XXI: Ransomware Response

2022-01-12T02:09:31+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today we continue the series of TomCasts on Ransomware. This particular TomCast is going to focus on responding to a Ransomware attack or infection. There are helpful artifacts that can help you or your organization in the case of Ransomware infection; check out https://github.com/guardsight. There ...


GSPBC-1043: Execution – Exploitation for Client Execution

2022-01-12T01:54:27+00:00

Exploitation for Client Execution

Adversaries may exploit software vulnerabilities in client applications to execute code. Vulnerabilities can exist in software due to unsecure coding practices that can lead to unanticipated behavior. Adversaries can take advantage of certain vulnerabilities through targeted exploitation for the purpose of arbitrary code execution. Oftentimes the most valuable exploits to an offensive toolkit are those that can be used to obtain code execution on a remote system because they can be ...


Kognos Partners with GuardSight to Expand Defense Capabilities with Next-Gen Threat Hunting Platform

2021-12-14T01:44:54+00:00

GuardSight Enhances Cybersecurity Services Portfolio with Kognos Autonomous XDR Investigator Platform

Kognos, provider of the first and only autonomous XDR investigator platform that detects, investigates, and responds to attack campaigns in real time, today announced a partnership with GuardSight, a Top 200 MSSP, Cybersecurity as a Service (SECOPS), and managed detection and response (MDR) company that serves SMBs and enterprises across the U.S. "We are delighted to partner with GuardSight to bring the industry’s first ...


GSPBC-1042: Lateral Movement – Replication Through Removable Media

2021-12-14T00:25:47+00:00

Replication Through Removable Media

Adversaries may move onto systems, possibly those on disconnected or air-gapped networks, by copying malware to removable media and taking advantage of Autorun features when the media is inserted into a system and executes. In the case of Lateral Movement, this may occur through modification of executable files stored on removable media or by copying malware and renaming it to look like a legitimate file to trick users into executing it ...


TomCast XX: Ransomware, Defined

2021-12-14T00:13:44+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today we begin a series of TomCasts on a threat that has adversely impacted many people and numerous organizations. That threat is known as Ransomware. Over the next few TomCasts we will be discussing what Ransomware is, how to respond if you or your organization ...


GuardSight Becomes Member of Overseas Security Advisory Council (OSAC)

2021-12-09T03:15:09+00:00

WORKING TOGETHER TO PROTECT U.S. INTERESTS OVERSEAS

Great news! GuardSight is now an official member of the Overseas Security Advisory Council (OSAC). Here's why this is a big deal for GuardSight and our clients.

What is OSAC?

OSAC is a public-private partnership between the Department of State and affiliated companies that promotes security awareness on issues abroad. The core mission of this unique global security community is to provide critical support during times of ...


GSPBC-1041: Persistence – Boot or Logon Autostart Execution

2021-11-17T04:59:32+00:00

Boot or Logon Autostart Execution

Adversaries may configure system settings to automatically execute a program during system boot or logon to maintain persistence or gain higher-level privileges on compromised systems. Operating systems may have mechanisms for automatically running a program on system boot or account logon. These mechanisms may include automatically executing programs that are placed in specially designated directories or are referenced by repositories that store configuration information, such as the Windows Registry. An ...


TomCast XIX: Holiday Travel

2021-11-23T22:52:04+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today’s discussion involves holiday travel. Since the holiday season is upon us, some helpful tips might want to be shared to ensure that everyone has a safe and pleasant travel experience (as much as they are in control of, that is). Why would a cybersecurity ...


GSPBC-1040: Discovery – Process Discovery

2021-11-03T23:40:18+00:00

Process Discovery

Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.

Source: https://attack.mitre.org/techniques/T1057/


TomCast XVIII: Public Wi-Fi, Good or Bad?

2021-11-23T01:55:26+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today’s discussion involves public wi-fi and the risks of use combined with ways you can keep your system and data secure IF you must use it. How many of you out there frequently visit locations that have public wi-fi? Do you use these services regularly? ...
