Week 5 Reading Impressions, Question and New Article by Mustafa Al Shalchi

Week 5 Reading Impressions and Question:
What makes a good, buttoned-down hack complete? One will need more than just tools. I believe in these articles, we need to think holistically throughout the infiltration and exfiltration process. Footprinting is the most important step because during this face, you will gather pertinent data about your intended target (s).

Although this reading stresses on the organization’s security posture, profile of their Intranet, remote access capabilities, and intranet/extranet presence; however, I believe that Footpringting should also include looking at the organization structure, goals and aspirations. Only then, one can have a great appreciation for the organization’s strengths and weaknesses’.

In addition, successful infiltration and exfiltration practitioners are building their information database about your company’s security weaknesses. That being said, it do a good enough job, then one must focus on smaller sections within the organization; there should be ample time for analysis of the data being gathered in order form the appropriate attack strategy.

Today, certain organizations are bombarded by Denial of Service attacks and widespread virus infections which many are questioning organizations leadership ‘due care’ awareness, strategy and actions. Installation of AVS is no longer reasonable defense strategy; organization’s leadership must address security holistically. This would include but is not limited to general associate awareness, policy/procedures and finally arm the organization with skilled practitioners along with the appropriate technology to meet the need of the “right-sized” protection.

There is good news however, with many devices available to the hacker to footprint your organization’s network, organizations can employ these same tactics and use these same tools to find the weaknesses before the “bad guys” do. Thus the hope is to prepare your organization for an appropriate layered security stand.

New Article:
In the aftermath of the big App Store security breach, today Apple reminds developer’s wherethey should obtain Xcode.
For further information, please refer to the link below;
http://betanews.com/2015/09/22/apple-sweeps-aside-app-store-malware-mess/