GeekMemos


I brag about how awesome infosec is. More often than not I will complain about a thing or two. Basically, no catchy lines here, just some honest thoughts and advice.

Ransomware and Healthcare Organizations

The Office for Civil Rights OCR seems to consider all ransomware events a breach unless proven otherwise. This is because successful ransomware incidents affect all three aspects of data security (Confidentiality, Integrity, and Availability). Specifically: Confidentiality: Ransomware gained access to your data and encrypted it. This unuathorized access violated the confidentiality. Integrity: Once a threat actors gains access...
Read More

Lessons from BSides ATL and ISSA GA

BSides Atlanta: Ransomware is adapting to evade countermeasures Train your users to identify phishing emails Manually test your backups at least monthly or depending on how many days worth of data you are willing to lose How do I recover from a ransomware outbreak? Remain calm Isolate the machine from network Look online for a decrypter Got backups?...
Read More

Studying for CEH

Well, it has come to this; I am studying for EC Council's Certified Ethical Hacker exam now. Don't get me wrong, the content of the course is great. It gives you good foundation. However, I have not found it difficult yet and what I don't find difficult, bores me. I prefer Offensive Security Certified Professional (OSCP) myself. It...
Read More

A Healthy Dose of Ransomware

Healthcare continue to be a prime target for ransomware. All hospitals, small and large, seem to be on a hit list. Hospitals around the U.S. are reporting ransomware incidents. In fact, HHS has stepped in with its guidelines on ransomware and claims a ransomware incident is a data breach unless the hospital can prove no data exfilteration...
Read More

Stop Using MS Word/Excel "Restrict Editing" Option

Clarification: These methods only work for documents that are "restricted for editing". It does not work for files that are "password encrypted". Microsoft Word stores passwords hashes and salts inside the document. Method 1: Rename filename.docx file extension to filename.zip Open resulting zip file in 7zip. Navigate to word folder inside the zip file. Open settings....
Read More