Cybersecurity Publications

The following are frequently requested publications supporting our cybersecurity priority and mission. The publications listed on this page include a selection of reports, plans, and strategies.

Publications

ARE AUTO DEALERSHIPS CYBER SAFE?

PROVIDED BY: WAPACK LABS

With international criminal hackers becoming more diverse and sophisticated, directly targeting auto dealerships would provide a treasure trove of financial and proprietary information. This information could range from auto company and dealership internal data, or customer personal identifying information (purchase agreements and financing documents), to automotive industry vendor support for that local dealership.

CYBERSECURITY, A SHORT BUSINESS GUIDE

PROVIDED BY: BUSINESS NEWS DAILY

The news often reports on incidents involving large corporations facing massive data breaches where the personal information of millions of consumers was potentially leaked. However, we don’t often hear reports about the hacking of small businesses, mainly because these types of attacks aren’t public knowledge. Many entrepreneurs don’t realize that small businesses are just as at risk for cyber attacks as larger companies, but they are. According to a report by Verizon, 61 percent of data breach victims were small businesses.

THREAT INTELLIGENCE REPORT

PROVIDED BY: CYBERSECURITY INSIDERS

Threat intelligence has become a significant weapon in the fight against cybersecurity threats, and a large majority of organizations have made it a key part of their security programs. Among the key findings of the report are that organizations are leveraging threat intelligence data for a number of use cases, and many rate themselves fairly competent in their use of threat intelligence to identify and remediate cyber threats. The most common benefits of threat intelligence platforms include better threat analysis, faster detection and response, more efficient security operations, and better visibility into threats.

GLOBAL FRAUD & RISK REPORT
FORGING NEW PATHS IN TIMES OF UNCERTAINTY

PROVIDED BY: KROLL.COM

Welcome to the 10th edition of the Kroll Global Fraud & Risk Report. This year’s Report addresses the diverse range of fraud-, cyber-, and security-related challenges that organizations are facing around the world and across a variety of industry sectors. In this Report, executives offer an insider’s perspective on the nature of incidents their organizations have experienced over the last 12 months, along with insights into the perpetrators and methods employed. These executives also share specific steps they are taking to anticipate, detect, mitigate, and respond to an expanding and increasingly complex set of risks that bring with them material consequences, including potentially adverse financial and reputational impacts.

VANGUARD DEALER SERVICES

PROVIDED BY: WAPACK LABS

THE CYBER RISK HANDBOOK
CREATING & MEASURING EFFECTIVE CYBERSECURITY CAPABILITIES

PROVIDED BY: WILEYFINANCE.COM

We are in what can best be described as a global cyber crisis, and the future does not look promising. The June 2014 Center for Strategic and International Studies report estimated that the global impact of cybercrime was between $375 and $575 billion. As cyber incidents are frequently undetected and infrequently reported, it is difficult to arrive at a more accurate understanding of the extent of cybercrime. The Center’s best estimate is $445 billion, given that the four largest economies, the United States, China, Japan...

HOW TO MEASURE ANYTHING IN CYBERSECURITY RISK

PROVIDED BY: http://www.wiley.com

This book, in particular, offers an alternative to a set of deeply rooted risk assessment methods now widely used in cybersecurity but that have no basis in the mathematics of risk or scientific method. We argue that these methods impede decisions about the subject of growing criticality. We also argue that methods based on real evidence of improving decisions are not only practical but already have been applied to a wide variety of equally difficult problems, including cybersecurity itself. We will show that we can start at a simple level and then evolve to whatever level is required while avoiding problems inherent to “risk matrices” and “risk scores.” So there is no reason not to adopt better methods immediately.

CURRENT PHYSICAL SECURITY RISKS THAT THREATEN CYBERSECURITY

PROVIDED BY: WAPACK LABS

Cybersecurity professionals often get focused on dangers which appear inside their networks or within company messages, sometimes overlooking physical threats. Laptops and devices routinely leave the confines of network cyber security parameters. In this circumstance, a hacker can easily get physically next to a vulnerable laptop, which may permit firewall rules and DNS Security inoperable to a bad guy hacking into “your” laptop. This is why Wapack Labs strongly suggests linking physical security concepts with current cybersecurity protections. Squaring physical security with the fact that people need to use their computers and mobile devices for legitimate work outside normal protections is a current reality.

BEST PRACTICES FOR IMPLEMENTING SECURITY AWARENESS TRAINING

PROVIDED BY: www.ostermanresearch.com

Fundamentally, security awareness training is really more about security behavior training: the goal is to provide information to employees that will help them to be more informed about security threats, more skeptical about what they receive in email or through other channels, and less likely to commit damaging behaviors like clicking on malicious links in email, oversharing on social media, or believing requests delivered through electronic channels without first verifying them. The goal of this white paper was to understand the current state of security awareness training through an in-depth survey of security professionals and to offer advice about best practices that organizations should consider as they develop a robust training program for their employees.

RANSOMWARE HOSTAGE RESCUE MANUAL

PROVIDED BY: KNOWBE4, INC.

In the last 5 years, cybercrime has gone pro. Instead of robbing a bank, why not get the bank to send you their funds without them even being the wiser? Instead of stealing company data, what if you could just have the person stick them in a safe that only the criminal knows the combination to, then ransom the combination. It really is that easy. It is the Internet “Wild Wild West” right now in terms of cybercrime and it’s every user’s responsibility to be aware of the dangers and to take steps to protect yourself and your company’s assets.

Video

CTAC DATA ANALYTIC FRAMEWORKS

A tour and discussion of our Data Analytics Framework, which combines Open Source Analytics Tools with Wapack Labs Data in an analyst-focused, shared collaborative environment called CTAC.

CTAC RESEARCH & ANALYSIS

A step-by-step demo using Kibana with the CTAC API.

Q&A

I received a sinkhole and/or botnet hit. What do I need to do?
There may be a legitimate reason for a sinkhole or botnet hit, for example somebody sandboxing malware or a researcher investigating an IP address. So first try to determine if the traffic is legitimate. If it’s not, then consult any logs that can provide additional information, such as packet capture, netflow, weblogs, or system logs.

I received a keylogger hit. What do I need to do?
First, you need to determine if the keylogger is running on your network. The keylogger data will list the IP address of the infected system. If the keylogger is not running on your network, then you’ll need to identify the user whose data was compromised and inform them that they may have malware on their home computer. If the keylogger hit is for a system belonging to your organization, you must then determine if there has been unauthorized access using the compromised account. Password resets should also be enforced for any account listed in keylogger outputs.
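
The triage steps in this answer, sketched as an added Python example (not Wapack Labs code and not the format of any real feed). The hit field names, the sample records and the organization's address ranges are constructed assumptions.

```python
import ipaddress

# Assumed: public/egress ranges owned by the organization (documentation ranges).
ORG_NETWORKS = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "2001:db8:10::/48")]

# Constructed sample hits; "ip" and "account" are hypothetical field names.
SAMPLE_HITS = [
    {"ip": "203.0.113.45", "account": "jdoe@example.com"},
    {"ip": "198.51.100.7", "account": "asmith@example.com"},
    {"ip": "2001:db8:10::beef", "account": "svc-backup@example.com"},
    {"ip": "not-an-ip", "account": "jdoe@example.com"},
]


def on_org_network(ip_text, networks=ORG_NETWORKS):
    """True/False for a parseable address, None when the value cannot be parsed."""
    try:
        addr = ipaddress.ip_address(ip_text.strip())
    except ValueError:
        return None
    return any(addr.version == net.version and addr in net for net in networks)


def triage(hits, networks=ORG_NETWORKS):
    """Sort keylogger hits into the follow-up actions described in the answer."""
    plan = {"investigate_host": [], "notify_user": [], "manual_review": []}
    resets = set()
    for hit in hits:
        # Every account seen in keylogger output gets a password reset.
        resets.add(hit["account"])
        located = on_org_network(hit["ip"], networks)
        if located is None:
            # Malformed address: an analyst has to place the system by hand.
            plan["manual_review"].append(hit["ip"])
        elif located:
            # Infected system is ours: check the account for unauthorized access.
            plan["investigate_host"].append((hit["ip"], hit["account"]))
        else:
            # Infected system is outside our network: tell the user about it.
            plan["notify_user"].append(hit["account"])
    plan["reset_password"] = sorted(resets)
    return plan


if __name__ == "__main__":
    for action, items in triage(SAMPLE_HITS).items():
        print(action, items)
```
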

I received a Pastebin hit. What do I need to do?
Pastebin hits can be any number of things, from open source data, to lists of domains and IP addresses, to doxes (PII posted with malicious intent). You must first examine the raw paste in order to determine if it is something that should be addressed. In many cases, Pastebin hits are benign.

I received a Threat Recon hit. What do I need to do?
Threat Recon hits can be any number of things. It’s possible, however, that the hit may be from a phishing campaign that was observed by Wapack Labs. If this is the case, then you must determine if your organization was affected by the campaign by inspecting web logs.