Supply infiltration and exploitation by hackers was brought, yet again, to the forefront this week as Bloomberg reported that China successfully compromised nearly 30 companies through a supply chain attack that has been ongoing since at least 2015. This is the 2nd major attack in as many years – the first being the NotPetya […]
Read more
The latest version of Advanced Threat & Log Analysis Service (ThreatWatch) Version 5.02 is now available to all customers. “Customer feedback continues to be a big factor in our product development”, according to Peter Bybee, CEO of Security On-Demand. “Many of the new enhancements were driven by customer input around supporting custom reports, improved threat […]
By Steven Bay Cisco released multiple security advisories on Wednesday for vulnerabilities discovered in their products. Among these advisories was a HIGH alert (CRITICAL is the highest, followed by HIGH) for their Webex product, a commonly used virtual meeting platform as well as three CRITICAL alerts – one for Cisco Prime Infrastructure and two with […]
By Steven Bay Security researchers at Trend Micro discovered a zero-day vulnerability within the Joint Engine Technology (JET) Database Engine. The vulnerability could permit an attacker to remotely execute malicious code on any vulnerable Windows computer. The Zero-Day Initiative (ZDI) disclosed the vulnerability to Microsoft in May of this year, but Microsoft failed to provide […]
Security researchers at Palo Alto Networks discovered a new malware that targets both Windows and Linux devices and incorporates various attack methods such as Ransomware, Destruction, Cryptocurrency mining, and botnet. XBash treats Linux and Windows system differently. On Linux it operates as a ransomware and botnet. It is questionable if calling the functionality a […]
DNS is a critical protocol for the success of security operations. It contains valuable indicators that identify malicious activity such as malware command and control, data exfiltration points, crypto-jacking, ransomware, and Trojans/rootkits. As data analytics, machine learning, and data processing power continues to improve, the value of DNS continues increase despite the fact it is […]
We had a number of Security On-Demand teammates attend “Hacker Summer Camp”, otherwise known as DEFCON. In an effort to help share what they learned, we are going to post a series of short articles highlighting their interests. These topics do not always necessarily align with Security On-Demand’s primary business offerings, however they are very […]
Security On-Demand just launched their latest exceptional service – ThreatWatch Hunt. This service provides customers an additional layer of security through a pro-active automated hunt across the network seeking to identify threats – both active and dormant – that may have made it through the network defenses. It does this through an agentless scan of […]
We had a number of Security On-Demand teammates attend “Hacker Summer Camp”, otherwise known as DEFCON. In an effort to help share what they learned, we are going to post a series of short articles highlighting their interests. These topics do not always necessarily align with Security On-Demand’s primary business offerings, however they are […]
Last week we had a number of Security On-Demand teammates attend “Hacker Summer Camp”, otherwise known as DEFCON. In an effort to help share what they learned, we are going to post a series of short articles highlighting their interests. These topics do not always necessarily align with Security On-Demand’s primary business offerings, however […]
