In Information Security, Deliberate Actions Lead to Better Decisions

By: November 20, 2014

I’m feeling a bit like a hacker today. I think I’ll steal someone else’s blog material for a moment. Back in mid-October, Vieri Tenuta blogged about end users and awareness. In the post, he said: “A harsh reality at many… Read More

WireLurker: How to ‘Flag It, Tag It and Bag It’

By: November 19, 2014

WireLurker, a recently discovered malware combination that infects OS X computers, has been all the rage in the news. WireLurker earned its name because it spreads from an infected OS X computer to an iOS device once the iOS device… Read More

An Analysis of BlackEnergy3 Malware Using Carbon Black

By: November 18, 2014

In our first posting on BlackEnergy, Matt Larsen dissected the evolution of the malware and introduced the newest variant, “BlackEnergy3.” In this post, we’ll take a look at a specific BlackEnergy3 sample and analyze it with Carbon Black. Sample: https://www.virustotal.com/en/file/bc062acda428f55782710f9c4f2df88c26dfbc004b94b479459f8572b1219444/analysis/… Read More

“BlackEnergy” Trojan Finds New Life in Variants

By: November 18, 2014

BlackEnergy is a trojan that began in 2007 as basic DDoS malware. By 2010, it evolved into BlackEnergy2, a sophisticated modular trojan capable of targeted attacks. BlackEnergy2 featured: A kernel-mode driver component Support for plug-ins Rootkit capabilities (the same BlackReleaver… Read More

6 Things iLove and 6 Things iHate About Mac Security

By: November 17, 2014

I recently read an article about Mac security and I’m having a powerful LOVE/HATE reaction to it. LOVE: The article wakes up Mac users to new security concepts and realities. HATE: It tells the reader to feel reasonably safe with… Read More

How to Validate Network Alerts with Carbon Black

By: November 14, 2014

The following is a write-up of a quick evaluation experience that demonstrates Carbon Black’s value in validating network alerts. Situation: The customer (semiconductor manufacturer) had implemented Palo Alto Networks (PAN). PAN recently started generating alerts for the customer stating that… Read More