If you’ve followed data breaches over the years you will notice that no industry is safe – which is no secret to anyone. But what may be surprising is the amount of Universities and local governments (including States) are targeted by hackers. Perceived of Lack of Security Being either government or non-profit (in the case […]
Read more
This morning US-CERT published a malware analysis report on a North Korean trojan they call “TYPEFRAME”. The report contains 11 malware samples that targeted Windows machines using executables and a macro-enabled Microsoft Word document. TYPEFRAME appears to have much of the expected functionality of an Advanced Persistent Threat type malware; including connecting to C2 nodes […]
Everyone uses Email; business and society can not seemingly function without it. Like most other communications technology, Email can be sent unsecured or encrypted. As is no secret, people use encrypted email to send information to others that needs to be kept private; away from the prying eyes of the government, public, or anyone else. […]
A new malware called VPNFilter has been quietly permeating across the internet and has compromised over 500,000 home and business networking devices across the globe. This malware has similar features to the old BlackEnergy botnet that was suspected to be tied to Russian state hacking and was used to launch attacks on global critical infrastructure […]
Blaze’s security blog recently reported that Satan ransomware added the EternalBlue exploit to improve the ransomware’s propagation. You may remember that a year ago (May 2017) the WannaCry ransomware outbreak was the first to use EternalBlue and it successfully compromised hundreds of thousands of computer systems in a matter of hours across the globe. Since […]
We are excited to announce that our latest version of Advanced Threat & Log Analysis Service (ThreatWatch) Version 5.01 is now available to all customers. Version 5.01 has several important enhancements that are summarized below. “Customer feedback continues to be a big factor in our product development”, according to Peter Bybee, CEO of Security On-Demand. […]
The Internet of Things is an exciting and innovative technological evolution that is changing the way we live, do business, and interact. The IOT provides improvements in efficiency, convenience, and overall business processes. Such technological advancements are welcomed and ought to be embraced. However, from a cybersecurity standpoint, the IOT causes more problems and challenges […]
Security On-Demand’s CEO, Peter Bybee, and Director of the Threat Reconnaissance Unit, Steven Bay, sat down for RSA TV for a chat about how to prepare for the worst day of your career. Steven was Edward Snowden’s boss at the time that Snowden fled the country to Hong Kong with millions of Top Secret NSA […]
Oracle issued a critical patch update this week which provided 254 security fixes, including patches for the Spectre (CVE-2017-5753, CVE-2017-5715) and Meltdown (CVE-2017-5754) vulnerabilities. These fixes apply across much of the Oracle product family. A complete list of products this update applies to is listed in the Oracle advisory. It is recommended that organizations […]
USCert issued a joint Technical Alert informing the public of widespread attacks by Russian state-sponsored actors against network infrastructure devices. Targets are not limited to any one sector as the hackers both look for targets of opportunities as well as specifically targeting particular organizations (none are specifically identified however). The Russian actors are compromising routers […]
