Florida officials disclosed a possible breach of medical files that contained personal identifiable information (PII). The state’s Agency for Health Care Administration stated in a press release that an employee “was the victim to a malicious phishing email” on November 15, 2017. This breach has the potential of exposing up to 30,000 records. Initial findings […]
Security researchers discovered that there are security bugs in the kernel of nearly every computer system that is capable of being exposed and exploited referred to Meltdown and Spectre. Outside of the software residing on a computer, the problem resides on the CPU itself. As an article published by TechCrunch.com explains: In modern architectures, there […]
Security researchers at the Kromtech Security Center, providers of MacKeeper and PCKeeper Anti-virus services, reportedly discovered that unidentified hackers obtained the personal information of 19+ million California voters. It is currently unknown if the data was obtained via an intrusion into the California state information systems. Nevertheless, the Secretary of State’s Office – responsible for […]
**To our Customers – If you have not received a critical notification from us, then we have not detected any Bad Rabbit activity in your monitored computing environment.** Likelihood (SOD Customers): LOW It looks as though Bad Rabbit (an almost NotPetya clone) is another targeted attack against Russian and Ukrainian entities with broader, unintended infection vectors outside their […]
On October 17, 2017 a new CVE was created for a Zero-Day flash exploit discovered by Kaspersky. The exploit is linked to a threat actor group called BlackOasis. This threat actor group is known for the assisted development and deployment of the FinSpy malware, often sold to nation states and other law enforcement agencies for […]
Likelihood: MEDIUM A significant vulnerability was discovered in the WPA1 and WPA2 protocol – used by nearly all modern protected WiFi networks. The attack is called a Key Reinstallation Attack (KRACK) and it allows hackers to effectively view and read encrypted traffic. As a result, hackers could view plaintext data that is WiFi encrypted such […]
What’s the Story? Yesterday, Equifax announced it suffered a massive data breach that may have resulted in the personal data of up to 143 million people being compromised by currently unidentified hackers. The compromised data reportedly includes full names, birth dates, social security numbers, addresses, and, in some cases, driver’s license numbers. It is currently […]
Attending DEF CON 25 is an annual rite of passage for many members of the Security On-Demand SOC. It presents a unique opportunity to hone network hunting and cybersecurity skills, learn about the latest and greatest threats and exploits being developed today, and network with other like-minded cybersecurity professionals. Our SOC Team came back energized. Right […]
The Breaches are Coming! We are slightly more than halfway through the year, and yet from January to May, forty-two percent of high-level federal IT managers surveyed in new research reported experiencing a data breach in the last six months. According to a survey in The Hill, one in eight said their systems weathered a data breach […]
It increasingly is looking like this was a targeted attack against Ukrainian entities with broader impact; not a wide-ranging global ransomware attack.