A few weeks ago I posted a blog about hunting for obscure protocols as a way to proactively find malicious activity. Today, I want to talk about one of those obscure protocols, Service Location Protocol (SLP). While hunting through the billions of logs, we at Security On-Demand process every day, I found considerable activity across […]
Read more
Security monitoring and detection is a critical element of having a secure environment. It gives you visibility into what is happening on your network; without it you are blind to all kinds of attacks, exploits, anomalies, or insider activity. In an attempt to gain such visibility, enterprises often go out and purchase a high-priced SIEM […]
Ransomware is one of the most difficult threats for security monitoring and detection services and technologies to identify and protect you from. The reason for this is due to the inherent nature of Ransomware acting quickly and wanting you to know about the infection before you can do anything about it. What good does security […]
When it comes to security operations there are a variety of use cases we can apply and various ways to monitor data. One useful type of use case is behavioral analytics that monitors network activity for large changes in the volume of a particular activity. Fairly quickly, systems – using machine learning – can baseline […]
As the Director of the Threat Reconnaissance Unit here at Security On-Demand, I am responsible for both Threat Intelligence and much of the Threat Hunting we conduct. Our Hunting efforts focus on looking through the billions of logs that our customers send us every day – often without focusing on a particular customer – and […]
Likelihood: Moderate Microsoft released an out-of-band, emergency patch for the Internet Explorer (I.E.) browser. The zero-day remote-code execution vulnerability (CVE-2018-8653) was discovered by Google security researchers. Exploitation of the vulnerability could allow attackers to execute arbitrary code and grant them the same privileges of the current, authorized user. If that user had administrative privileges the […]
As we wrap up 2018 and move into 2019, it is valuable to take a look back and review the lessons learned from the breaches, evolutions, and developments in cybersecurity. We will be coming out with our 2018 year-in-review and 2019 outlook soon, however, we thought we would give you a bit of a preview […]
Last week Marriott International breach resulted in over 500 Million compromised records. These records contained personal and private information of individuals across the globe as well as corporate information. Undoubtedly, those of us who had their information stolen should expect phishing messages designed to steal more information or compromise your computers. So it is important […]
This morning news publications across the country reported that Marriott International, the largest hotel chain in the world, suffered a massive data breach affecting over 500 million customers. It is highly likely that this breach impacted your organization or your employees. It appears that hackers breached the Starwood International reservations site and the breach was […]
Identifying and choosing a managed security service provider (MSSP) can be time consuming and difficult. At their core many are very similar, but how do you narrow down your selection and find the one that is right for you and your organization? Among the myriad of criteria you should evaluate, here are five key questions […]
