Cleverly Disguised Ransomware Infecting Chrome Users
Cleverly Disguised Ransomware Infecting Chrome Users. A new variant of ransomware is spreading via poorly secured websites and the Chrome Web Browser. Users are fooled into downloading what they think is a missing font pack in order to resolve the error. (more…)
RANSOMWARE: CURRENT STRAINS, ATTACK VECTORS AND PROTECTION
Staying ahead of security threats is no easy task. One threat that should definitely be on your radar is ransomware. From hospital heists to attacks on schools and other businesses, ransomware is costly and is projected to be one of the biggest threats in 2016. According (more…)
Proven Ways to Combat Ransomware
Proven Ways to Combat Ransomware. Ransomware stole a lot of headlines in 2016 and rightfully so. Every type of organization was afflicted by its intrusion this past year, even healthcare. With revenues of over $18 million dollars in 2015, it’s a safe bet that Ransomware isn’t going anywhere in 2017. That’s because it is highly profitable and thanks to the new prepackaged multi-level (more…)
How to Quickly Respond to Computer Intrusions – HALOCK
The moment you realize you are experiencing a network-based breach, you may not know what to do. Minute one, hour one, day one, what should a technical team do to respond to a breach while it’s still in play?
While having a full incident response plan (IRP), a trained response team, and well-placed log repositories are optimal, in our (more…)
INCIDENT RESPONSE: KNOWING YOUR OBLIGATIONS IN THE EVENT OF A SECURITY BREACH
Your organization just experienced a data security breach. All of the data that was entrusted to your organization to be kept safe is now “out there” on the Internet. Your organization doesn’t have an incident response plan (IRP). Who do (more…)
ENDPOINT DETECTION AND RESPONSE: FIRE FOR EFFECT
The modern digital landscape is a battleground rife with adversaries ready and willing to go to great lengths to steal your data. Clever independent attackers and state-sponsored actors alike are deploying increasingly effective versions of cyber attacks intended to intrude, infect, steal, evade, disrupt and destroy everything they touch. To defend themselves, many businesses are investing in a variety of technologies and techniques (more…)
In the Wake of Backdoor.Regin: Accounting for the State Sponsored Threat
Recently the Symantec Corporation uncovered a highly sophisticated, modular piece of malware that has been infecting computers in a variety of countries as far back as 2008 – Backdoor.regin has characteristics beyond those of modern malware and is already generally accepted as a product of nation-state cyber espionage. The implant likely took considerable resources and time to create and has several (more…)
How to Secure Your Assets from Cyber Sewage
There I was, ankle deep in raw sewage, incredulous that for the second time this summer, my basement was filling up with foul smelling murky waste. As I looked hopelessly at my wife while the water level continued to rise, I angrily thought to myself, “What else can I do?” Didn’t I shell out some (more…)
As Part of Your Incident Response Plan, Make Sure There are Needles in Your Haystack
Incident Responders take a lot of pride in finding that ‘Needle in the Haystack’ when conducting data breach investigations. The thrill of forensics lies in finding the tiniest clue that unravels the story of how a breach occurred and what exactly was compromised as a result. But the reality is that during forensic investigations, there is not always a needle in the haystack (more…)
A Word about the Target Data Security Breach
What happened to Target® last week is every business’ worst nightmare. We’ve received a number of inquiries regarding the security breach incident from concerned clients and friends and wanted to share a few insights. (more…)
