NetWorks Group Blog

Matt Warner

Matt is the Director of Managed Detection & Response service at NetWorks Group. When he is not architecting new products, he provides expert guidance for offensive and defensive security teams to overcome blockers and challenges.
Recent Posts

KRACK Vulnerability: Details and Moving Forward

Posted by Matt Warner on Oct 18, 2017 9:10:00 AM

KRACK, or Key Reinstallation Attack, is a vulnerability in the WPA2 wireless security protocol. The majority of Wi-Fi network implementations at this time are vulnerable to this attack, as it exploits the protocol itself and not any specific brand or solution. As a whole, KRACK is focused more on clients than on APs; however, both need to be appropriately updated to avoid the vulnerabilities that make up KRACK. Do not switch to a different encryption scheme in place of an already stable implementation of WPA2, as WPA2 is still more secure than WEP or WPA despite this vulnerability.

Topics: Ethical Hacking, Threat Management, Threat Advisory

Threat Detection - Logs, Log Sources and Analysis Make All the Difference

Posted by Matt Warner on Oct 10, 2017 9:25:00 AM

Threat detection has grown into a complex and messy activity in organizations. Many utilize Security Information and Event Management (SIEM) systems, which can play a critical role in today's enterprise. In order to do their job, SIEMs depend on the logs generated by the enterprise's various systems. Sounds simple enough. However, in a typical Fortune 500 company scenario, an astounding amount of log data is generated. It's not at all unusual to see 10 terabytes of plain text per month. The fact is, there can be hundreds, even thousands, of sources of log data in the typical enterprise. Even small and medium-sized businesses will be overwhelmed trying to collect, analyze, and store their log data. The questions are, then, “Can you collect AND analyze them all? Should you? Will the infrastructure support storage and ongoing detection? Do you have the expertise in place to analyze logs and maintain the infrastructure to do so?”

Topics: Security Monitoring, Managed Detection & Response, Information Security, Threat Hunting, Threat Management

Detect and Respond to 'Petya' Ransomware Attack

Posted by Matt Warner on Jul 20, 2017 10:05:00 AM

The attack of July 2017 by the NotPetya ransomware, a Petya variant, is similar to the recent WannaCry attack that struck 230,000 computers globally. NotPetya utilizes the same exploit as WannaCry, EternalBlue, to infect Windows-based computers across the network. All of the files on the victim's computer are encrypted, the master boot record is overwritten, and a message appears that demands $300 in Bitcoin. Unlike other types of ransomware, paying this fee does not restore access to the files, as the malware is designed to be unable to undo its effects on the computer.

Topics: Managed Detection & Response, Information Security, Threat Management
