Author Archives: Rico Valdez

All posts written by Rico Valdez

Using Bit9 + CB to Counter Microsoft OLE 0-day

By: October 22, 2014
olemic

The latest Microsoft vulnerability is out, unpatched and currently being leveraged in targeted attacks. While we anxiously await an official patch, Bit9 + Carbon Black customers can detect, prevent and remediate attacks exploiting this vulnerability today. Yesterday, Microsoft released a… Read More

Bit9 + Carbon Black Update on the Bash Bug “Shell Shock”

By: September 30, 2014
Bash Bug Shell Shock

September 30, 2014 Update:  “We wanted to give an update on this issue. It appears that Florian Weimer has written a patch that effectively closes the hole found in Bash, as well as those that remained after the initial patch (and… Read More

Bit9 Blocks Recent IE 0-Day

By: May 2, 2014
iebox

Earlier this week, Microsoft announced another 0-day vulnerability in Internet Explorer that was being exploited in targeted attacks. As expected, this set off a scramble for answers to many questions, the most relevant being: “How can I defend against this… Read More

2 Million Passwords Stolen… Is Anyone Surprised?

By: December 13, 2013
Password Banner image for blog

Trustwave’s SpiderLabs blogged last week about running across a cache of nearly 2 million stolen credentials. What makes this a little different than other large password caches recently discovered is the fact that the credentials found were not associated with a single website. Unlike the account leaks reported by Adobe, LinkedIn, Twitter, etc. (I could continue far longer than I’d like), these credentials were gathered not by the compromise of a single website or database, but from the end-user systems themselves. Continue reading

Leveraging Bit9 Custom Rules to Block Latest IE 0-day Attacks

By: October 3, 2013
IE

There’s been a great deal of media coverage recently about the latest Internet Explorer zero-day. While there is not yet an official patch available, Microsoft did blog about a ‘Fix it’ it released a couple of weeks ago. While the… Read More

Black Hat 2013 and DEF CON 21 Recap

By: August 8, 2013
Security Unlocked

The annual Black Hat and DEF CON conferences in Las Vegas have come and gone. These cons are generally accepted to be the most significant gatherings for those in the infosec space. In keeping with the growth of prior years,… Read More