Today, a very unsophisticated phishing campaign targeted our company. In fact, there is nothing terribly exceptional about it, aside from the fact that about 25% of our employees received their own version of it and as I did a little research online, I saw many others received a similar email also. Despite the low sophistication […]
Read more
Web Application Firewalls (WAF) often produce millions of detected SQL Injection events each day. As security professionals we are obviously concerned about the success of such attacks, but struggle to sift through such high volumes of activity (see Image 1) that have a high prevalence of false positives. Here are a few ways you can […]
Across all industries smart devices are becoming the norm. This is increasing opportunity for hackers to steal data, make money, and wreak havoc. Among the most useful, yet dangerous, of these smart Internet of Things devices are medical device implants. Such implants ensure hearts keep beating at the right rhythm, sugar levels are balanced in […]
Every day our networks are scanned by hundreds, even thousands, of bots, crawlers, scrapers, search engines, and other services. While most of these scans are innocuous, some are conducted by malicious bots or bad actors seeking to find systems they can exploit. Considering the amount of noise scans create and the fact that they very […]
Google’s Threat Analysis Group discovered in late February a zero-day vulnerability (CVE-2019-5786) that exists in Google Chrome. There are reports that there is an exploit that currently exists in the wild. It is critical that all instances of Google Chrome are updated to the latest version that was released at the beginning of March 2019. […]
The Ryuk ransomware launched on the hacking scene with a bang in August 2018, netting the hackers behind it upwards of $640,000 in the first round of attacks. Since then Ryuk has continued to successfully exploit companies and organizations across the globe, resulting in over $3.6m in paid bitcoin ransoms according to Crowdstrike’s Global Threat […]
It seems like every day we hop on to the Internet, check out the news, and see a report about yet another company suffering a breach and losing control of their customers’ data. It is frustrating and can seem ridiculous that such breaches continue to occur. While breaches are frequent, fortunately, not every American has […]
A few weeks ago I posted a blog about hunting for obscure protocols as a way to proactively find malicious activity. Today, I want to talk about one of those obscure protocols, Service Location Protocol (SLP). While hunting through the billions of logs, we at Security On-Demand process every day, I found considerable activity across […]
Security monitoring and detection is a critical element of having a secure environment. It gives you visibility into what is happening on your network; without it you are blind to all kinds of attacks, exploits, anomalies, or insider activity. In an attempt to gain such visibility, enterprises often go out and purchase a high-priced SIEM […]
Ransomware is one of the most difficult threats for security monitoring and detection services and technologies to identify and protect you from. The reason for this is due to the inherent nature of Ransomware acting quickly and wanting you to know about the infection before you can do anything about it. What good does security […]
