{"id":241,"date":"2013-05-12T00:00:00","date_gmt":"2013-05-12T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2013\/05\/12\/welcome-to-the-red-team\/"},"modified":"2021-12-30T11:36:49","modified_gmt":"2021-12-30T11:36:49","slug":"welcome-to-the-red-team","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2013\/05\/12\/welcome-to-the-red-team\/","title":{"rendered":"Welcome to the red team!"},"content":{"rendered":"<p>You may not know that \u2018red teaming\u2019 refers to the practice of \u201cviewing a problem from an adversary or competitor\u2019s perspective.\u201d  It seems that one of the best ways to get into a system is to be the first to find a new vulnerability in the software that no-one else has spotted.   This \u2018zero day\u2019 vulnerability can be used to get malware of some kind into an organization, and, from then on, the red team own the IT system.   And that\u2019s why it\u2019s a good idea to pay a team of experts rather than wake up one day and find the bad guys have found their way into your IT infrastructure.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Internet Explorer has been in the press over the years for the number of vulnerabilities that it once had, but nowadays, Java is a prime target for red teams because Java is meant to run on 3 million devices \u2013 providing what\u2019s called a large \u2018attack surface\u2019. <\/p>\n<p>Attacking the software is getting harder these days, but there\u2019s one component of an organization\u2019s computer system that is always potentially vulnerable \u2013 and that\u2019s the people who use the computers.   
Another technique is to send infected memory sticks to staff, who often plug them in to see what\u2019s on them, and, again, the malware strikes!<\/p>\n<p>Red team members can now use social media to find the names of staff as well as details of their experience, so that e-mails and phone calls from the red team can sound quite legitimate. <\/p>\n<p>The other part of the solution is education of staff so that they don\u2019t insert memory sticks or click on attachments from unknown sources. <\/p>\n<p>The red team could, perhaps, get a piece of malware onto someone\u2019s tablet, which then gets connected to the network, which then starts opening security doors all the way to the mainframe.<\/p>\n<p>But most organizations can learn from the types of vulnerability red teams exploit, and take steps to ensure that they are not at risk from them.<\/p>\n<p>Link: http:\/\/it.toolbox.com\/blogs\/mainframe-world\/welcome-to-the-red-team-56048<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-241","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/241","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=241"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/
posts\/241\/revisions"}],"predecessor-version":[{"id":2728,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/241\/revisions\/2728"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=241"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=241"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=241"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}