Blog
We find it’s always better to fire people on a Friday….

Note: We received this from a friend in the Omaha security community. We’re not (nor was he) sure if it’s true or not, but it was too funny and serves as a good reminder regardless of authenticity, so we wanted to share.

“We find it’s always better to fire people on a Friday. Studies have statistically shown that there’s less chance of an incident if you do it at the end of the week.”
— Bob Slydell, Office Space

Well, not all the time, Bob. Allow me to explain.

On Friday, November 15, 2013, I started to receive reports of my web server being unreachable for connections originating from outside the central office. I checked my servers in a panic and found all of them were humming along like a satchel of hornets. I checked the connection with my smartphone and saw that my website was indeed unresponsive. I also checked some other work websites and saw that they were unresponsive from the outside too. Checking further, I found that not only were the DNS entries not resolving externally, all traffic was disappearing into an unanswered pit of silence. It took the ISP working a 72-hour weekend shift to fix the issue. The issue? Allegedly a technician was fired on that fateful Friday and decided to play a little real life “Grand Theft Auto: Fiber Seeking Backhoe Expansion Pack” and did some unauthorized excavating at an ISP networking site. The attached picture of the aftermath speaks volumes. Yes, those are unearthed fiber conduits. This also affected many other organizations in the Metro area. I guess it is true that you can only reduce your risks but never eliminate them, even when canning someone on a Friday.

fiber_backhoe

Blog
Next Generation Firewall (NGFW) vs. Unified Threat Management (UTM) What is the difference?

We get the question a lot in the field and during presentations, “What is the difference between NGFW and UTM?”  Andrew Plato wrote a blog article on the subject and I’d say his opinions have a lot of merit.  Certainly worth a read for those wondering about the differences or those that like to watch the information security market evolve.

http://www.anitian.com/blog/?p=251

 

Blog
Amazon Phishing Attacks

I received a really well designed phishing attack today targeted at Amazon, so I thought I’d share it in hopes that it might save a few people.

Justin Kallhoff
CEO, Infogressive

[Read the full story]

Blog
Justin Kallhoff Earns GIAC Certified Forensics Analyst (GCFA)

GCFAs have the knowledge, skills, and abilities to handle advanced incident handling scenarios, conduct formal incident investigations, and carry out forensic investigation of networks and hosts.

Blog
Infogressive Security Team Adds OSCP, GCIA and CISSP Certifications

More certifications added to the Infogressive team.

Take a look at who earned these achievements in the .pdf document located here.

Blog
Brandon Harms Interviews Premier SANS Instructor for EthicalHacker.net

A quick review of the Bureau of Labor Statistics Occupational Outlook shows us that ethical hackers will be in higher and higher demand over the next decade. With this demand, the need for a supply of highly qualified and professional information security personnel increases. The supply of highly qualified and professional personnel can only be created by organizations that can train and mentor them en masse, or rather, a large quantity of them relatively quickly…

Read the full story here at ethicalhacker.net.

Translation