Cyberis Blog

Reassuringly clear thinking.

  • Detect and respond

Defining your objectives

You have an incident. You know you need to handle it. You’re under pressure, and your team is stressed. This is often the most dangerous point in an incident response operation. Stressed people under pressure to respond quickly tend to make one of two mistakes...

Read more
  • Detect and respond

Identifying the incident

At some point, your business is likely to have to deal with an incident.  When this happens, being able to accurately identify and classify the incident is key to responding effectively with the minimum impact to your BAU operations. Yesterday, we discussed how proper planning will help you get a robust incident response framework in place.  Today, we are going to look at the sorts of questions you need to ask yourselves in order to be able to identify and classify an incident, and hence tailor your response.

Read more
  • Detect and respond

The five 'P's

It is widely acknowledged that these days, it is not a question of 'if', but 'when' an organisation will need to handle a security incident, and as every project manager knows, Proper Planning Prevents Poor Performance.

Read more
  • Detect and respond

Incident response week

Ever wondered if you're prepared for a cyber security incident? This week, one of our Directors, Gemma Moore, is guiding you through incident preparation and handling.

Read more
  • Research

The True Impact Of A Cyber Breach On Share Price

With media coverage of security breaches becoming more commonplace, the business world is beginning to realise that it is less a matter of ‘if’ there is a breach and more a matter of ‘when’. Whilst there is often extensive coverage of the cost to the affected company of a data breach, rarely is the impact on the company’s value examined. We  looked at four recent data breaches and examined the impact on share prices for the companies involved, both short and medium term, to  see if the value of the company is indeed affected.

Read more
  • Detect and respond

Internal Indicators Of Compromise: Understanding Your Data

The threat landscape is constantly evolving.  The skillsets and techniques used by adversaries constantly evolve in terms of sophistication and efficacy.  There's an arms race going on, and offensive capabilities tend to be outstripping defensive controls. Some ubiquitous threat actors, such as those criminal gangs running ransomware operations, may not care too much about what data you have within your network.  Most organisations are targeted by a range of threat actors, however, and some may be highly driven to gain access to your assets.

Read more
  • Detect and respond

The Online Extortion Trend

Over the last 12 months, ransomware has rapidly become one of the most prevalent information security threats to a vast number of organisations of any size, as well as the individual consumer. It is a highly lucrative opportunity for criminals and is claiming a growing list of victims. Indeed, at Cyberis, we have experienced a significant upward trend in incident response services and requests for our advice due to ransomware events.

Read more
  • Penetration testing
  • Tools and techniques

Obtaining NTDS.Dit Using In-Built Windows Commands

Using the same underlying technique (Volume Shadow Service), there is an in-built command (Windows 2008 and later) that does a backup of the crucial NTDS.dit file, and the SYSTEM file (containing the key required to extract the password hashes), without the need to use VB Script, third-party tools or injecting into running processes.

Read more

Improve your security

Our experienced team will identify and address your most critical information security concerns.