Joe Gray


Joe Gray is an enterprise security consultant with Sword & Shield Enterprise Security, Inc. He has worked as a systems engineer, information systems auditor, senior UNIX administrator, information systems security officer and director of IT security. He holds the (ISC)² CISSP-ISSMP, GIAC GSNA, GCIH, CompTIA Security+, CompTIA Network+, and CompTIA A+ certifications. Gray also maintains the Advanced Persistent Security Blog and Podcast.


17

Oct 2017

KRACK exploit explained

A recently discovered vulnerability in the most widely used wireless security standard may be one of the biggest in years. The good news is there are precautions that can be taken to keep you and your business safe. Sword & Shield’s Corey McReynolds and Joe Gray explain: What the Attack is This attack exploits a vulnerability in Wireless Protected Access (WPA), both WPA and WPA2 encryption...

Read More


20

Jul 2017

Reverse Engineering Malware: Using Data Carving in Incident Response

Information security professionals, especially those who serve as “blue teamers” or enterprise defenders, are dealing with an evolving array of malware threats. In the blue team toolkit, one of the most important and difficult techniques is the ability to reverse engineer malware. Joe Gray, enterprise security consultant for Sword & Shield Enterprise Security, writes about his experience learning the techniques of reverse engineering malware using...

Read More


28

Jun 2017

Petya Ransomware: Older Malware, New Dangerous Techniques

by Joe Gray On June 27, 2017, the world experienced another outbreak of Petya ransomware. This article details the background of this threat and provides information on the new variant, as well as ways to prevent getting infected. Ransomware Background Ransomware is a class of malicious software that takes infected systems hostage and demands a “ransom” to unlock the system or systems. To further complicate...

Read More


27

Mar 2017

Insider Threats and What They Mean for your Business

Companies are spending more on information security solutions than ever before, but do they know the threats that can come from within their own organizations? While all eyes turn toward the looming information security threats from outside, sometimes the biggest risk is insider threats coming from an otherwise trusted employee. The information in this article originally appeared in a blog post written by Joe Gray, enterprise...

Read More


17

Jan 2017

Building the Culture to Support a Social Engineering Awareness Program

Sword & Shield Enterprise Security Consultant Joe Gray pens the first of a five-part series for CISOcast, an online resource that publishes peer-reviewed content to help information security leaders meet the challenges of real world problems to help companies build a social engineering awareness program. Today, companies are investing more than ever before on protecting their IT infrastructure. As a response, hackers and, in turn, penetration...

Read More


12

Jan 2017

From 1999 to 2017: PCI Continues to Evolve

The origins of the Payment Card Industry Data Security Standard (PCI DSS) go back to the late 1990s – the dawn of the Internet era, but despite its humble beginnings, the PCI DSS has come a long way. What began as a customer security program at VISA is now a regulatory body for nearly all retailers who want to use credit cards. Sword & Shield Enterprise...

Read More


03

Jan 2017

Joe Gray Discusses Dyn DDoS’s Effect on Supply Chain Security

Sword & Shield Enterprise Consultant Joe Gray guest posts on Tripwire’s State of Security blog. WHAT IS SUPPLY CHAIN SECURITY? In the most conventional sense, when we think of Supply Chain Security, we immediately equate it to Target and the HVAC vendor that was used to pivot into Target’s network and perform the attack on the Point of Sale (POS) systems that exfiltrated 40 million...

Read More


17

Nov 2016

Holiday Shopping Safety Series

Holiday Scams and Hoaxes By Joe Gray Because the cash flow is on the rise, the activity of cyber criminals are increasing as well. The purpose of this blog series is to educate you, the reader, about how to be safe through this season including Black Friday, Small Business Saturday, and Cyber Monday. While I try to be thorough, I cannot possibly cover everything, but...

Read More