Welcome to Delicate template
Header
Just another WordPress site
Header

Don’t Let Your Users Get Sucked into the Blackhole!

November 7th, 2011 | Posted by Brett Edgar in Malware | Security - (0 Comments)

Over the past month, TRUE NSM analysts have observed a significant increase in the number of corporate web users being attacked by the Blackhole Exploit Kit.  The rate of incidents reported involving this malware is now close to two per day.  The Blackhole exploit kit targets vulnerabilities in out-of-date Java and Adobe Reader software.  A cursory examination of a few of the deobfuscated Javascript files delivered to users by Blackhole also shows evidence that Adobe Flash is being targeted and perhaps even a few Microsoft vulnerabilities by way of the Windows Media Player ActiveX control.Read more

Brett Edgar

Brett Edgar

Brett is a Founder and the Director of Managed Security Services at TRUE. He has been working in the system and network forensics field since graduating from the University of Tulsa with a B.S. Computer Science in 2003. He speaks hexadecimal fluently and is TRUE's resident human Ethernet transceiver. He holds CISSP, CSSLP, and CNSS 4011-4015 certificates, loves MLB and NCAA Football, and when he gets tired of hexadecimal, he goes home to hang out with his wife and kid.

Twitter - More Posts

,

Anti-Malware Vendor Fight: Duqu vs. Stuxnet

November 2nd, 2011 | Posted by Brett Edgar in Malware | Security - (0 Comments)

It looks like the main anti-malware vendors are choosing sides and going head-to-head on the relationship between Duqu and Stuxnet.  So far, the fight is Symantec and Kaspersky, who say Duqu is related to Stuxnet, vs. SecureWorks and Bitdefender, who say they are not related at all.Read more

Brett Edgar

Brett Edgar

Brett is a Founder and the Director of Managed Security Services at TRUE. He has been working in the system and network forensics field since graduating from the University of Tulsa with a B.S. Computer Science in 2003. He speaks hexadecimal fluently and is TRUE's resident human Ethernet transceiver. He holds CISSP, CSSLP, and CNSS 4011-4015 certificates, loves MLB and NCAA Football, and when he gets tired of hexadecimal, he goes home to hang out with his wife and kid.

Twitter - More Posts

,

Interesting Insights from the Latest MSIR

October 12th, 2011 | Posted by Brett Edgar in Malware | Microsoft | Monitoring | Security | Security Awareness & Training - (2 Comments)

The latest Microsoft Security Intelligence Report (Volume 11) has been released and contains some interesting information that Microsoft has collected from the execution of its Malicious Software Removal Tool (MSRT) and Internet Explorer SmartScreen® data.  Several of the results confirm what those of us in the network security monitoring community already know: Java is the most often exploited application (page xvii), Adobe Acrobat exploits account for most malicious documents (page xviii), and Adware is the most common type of malware identified (page xx).  Microsoft also stated that over a third of malware detected could spread via the AutoRun feature on removable media or on network shares.  Updates exist that help make the AutoRun feature in XP and Vista more like the one in Windows 7, which is to say more secure.  Deploy those updates.Read more

Brett Edgar

Brett Edgar

Brett is a Founder and the Director of Managed Security Services at TRUE. He has been working in the system and network forensics field since graduating from the University of Tulsa with a B.S. Computer Science in 2003. He speaks hexadecimal fluently and is TRUE's resident human Ethernet transceiver. He holds CISSP, CSSLP, and CNSS 4011-4015 certificates, loves MLB and NCAA Football, and when he gets tired of hexadecimal, he goes home to hang out with his wife and kid.

Twitter - More Posts

,

Malware Hits U.S. AFB Where UAV Missions Are Flown

October 7th, 2011 | Posted by Brett Edgar in Malware - (0 Comments)

Apparently, a U.S. military installation where pilots command the U.S. military’s UAVs (Unmanned Aerial Vehicles), Creech AFB in Nevada, has been infected by a virus. The virus is apparently logging keystrokes but is not interfering with the pilots’ ability to continue performing the UAV missions. That’s the good news. The bad news is the base IT personnel have been unable to clean the computers without wiping the hard drives and starting from scratch.Read more

Brett Edgar

Brett Edgar

Brett is a Founder and the Director of Managed Security Services at TRUE. He has been working in the system and network forensics field since graduating from the University of Tulsa with a B.S. Computer Science in 2003. He speaks hexadecimal fluently and is TRUE's resident human Ethernet transceiver. He holds CISSP, CSSLP, and CNSS 4011-4015 certificates, loves MLB and NCAA Football, and when he gets tired of hexadecimal, he goes home to hang out with his wife and kid.

Twitter - More Posts

Ransomware Becoming More Common

September 19th, 2011 | Posted by Brett Edgar in Malware | Security Awareness & Training - (0 Comments)

Just about everyone with an Internet connection has heard the term “malware.”  Even most home users (my dear old dad included) have heard the term “spyware,” even if they aren’t sure what it means. But have you heard of “ransomware”? Get ready, I’ve got a feeling it’s going to be the “next big (bad) thing” on the Internet.Read more

Brett Edgar

Brett Edgar

Brett is a Founder and the Director of Managed Security Services at TRUE. He has been working in the system and network forensics field since graduating from the University of Tulsa with a B.S. Computer Science in 2003. He speaks hexadecimal fluently and is TRUE's resident human Ethernet transceiver. He holds CISSP, CSSLP, and CNSS 4011-4015 certificates, loves MLB and NCAA Football, and when he gets tired of hexadecimal, he goes home to hang out with his wife and kid.

Twitter - More Posts

,