Zero-day vulnerabilities (with their exploits) discovered and kept private by governments and their intelligence agencies are often some of the most powerful and dangerous vulnerabilities, especially when something that is meant to stay private is released to the public. Like EternalBlue before it, BlueKeep was a zero-day that the National Security Agency allegedly discovered and […]


Behavioral analytics are critical to successful security monitoring and detection. Quite simply, standard rule- and signature-based detection is wholly insufficient to detect today’s attacks. Unfortunately, when most organizations think about and implement behavioral analytics, they approach it only by looking at human behaviors via user behavioral analytics (UBA). However, real security is better achieved […]


User Behavioral Analytics (UBA) baselines and analyzes the day-to-day behaviors of the users on our networks. Using Active Directory, Kerberos, Linux, Content Management or other user-account-based logging, we have the data we need to model the normal behaviors of all accounts on the network. UBA looks primarily (not exclusively) at three user […]


Across all industries, smart devices are becoming the norm. This is increasing the opportunity for hackers to steal data, make money, and wreak havoc. Among the most useful, yet dangerous, of these smart Internet of Things devices are medical device implants. Such implants ensure hearts keep beating at the right rhythm, sugar levels are balanced in […]


Every day our networks are scanned by hundreds, even thousands, of bots, crawlers, scrapers, search engines, and other services. While most of these scans are innocuous, some are conducted by malicious bots or bad actors seeking to find systems they can exploit. Considering the amount of noise scans create and the fact that they very […]


In late February, Google’s Threat Analysis Group discovered a zero-day vulnerability (CVE-2019-5786) in Google Chrome. There are reports that an exploit currently exists in the wild. It is critical that all instances of Google Chrome are updated to the latest version that was released at the beginning of March 2019. […]


The Ryuk ransomware launched on the hacking scene with a bang in August 2018, netting the hackers behind it upwards of $640,000 in the first round of attacks. Since then, Ryuk has continued to successfully exploit companies and organizations across the globe, resulting in over $3.6m in paid bitcoin ransoms according to CrowdStrike’s Global Threat […]
