**To our Customers – If you have not received a critical notification from us, then we have not detected any Bad Rabbit activity in your monitored computing environment.**

Likelihood (SOD Customers): LOW

It looks as though Bad Rabbit (an almost NotPetya clone) is another targeted attack against Russian and Ukrainian entities with broader, unintended infection vectors outside their […]


What’s the Story?

Yesterday, Equifax announced it suffered a massive data breach that may have resulted in the personal data of up to 143 million people being compromised by currently unidentified hackers. The compromised data reportedly includes full names, birth dates, social security numbers, addresses, and, in some cases, driver’s license numbers. It is currently […]


Attending DEF CON 25 is an annual rite of passage for many members of the Security On-Demand SOC. It presents a unique opportunity to hone network hunting and cybersecurity skills, learn about the latest and greatest threats and exploits being developed today, and network with other like-minded cybersecurity professionals. Our SOC Team came back energized. Right […]


US-CERT released an alert providing technical details of the HIDDEN COBRA hacking group. HIDDEN COBRA (AKA Lazarus Group or Guardians of Peace) is allegedly tied to the North Korean government and has constructed a large botnet and intrusion infrastructure.


Leaks, After Leaks, After Leaks

Recently there has been a rash of leaks from inside the two major U.S. intelligence agencies, the CIA and the NSA. In the case of the CIA, WikiLeaks, via Vault7, released a slew of hacking tools that the CIA “lost control” of. Similarly, the group Shadowbrokers came into the possession […]
