Introducing Our Newest Partner: HealthGuard

We are excited to announce our new partnerships with HealthGuard, a health security and risk management services company. We are providing them with a full suite of Managed Security Services for their customers and partners, including HIPAA Essential, PCI Complete, managed firewall, intrusion detection and prevention, log management, and web application firewall (WAF). Additionally, HealthGuard [...]

Zero-day Vulnerability in Adobe Reader and Acrobat:

By Adam Lapay (SOC Anylst) The IT Security Industry is up in arms with discussions involving a new zero-day vulnerability exploiting Adobe Systems Reader and Acrobat. Identified on 12/6/11, this exploit can be found on almost all platforms of Adobe Reader including:  Windows (9.x) UNIX (9.x) and Reader X for Mac (10.1.1). This new exploit, [...]

Buying Peace of Mind with StillSecure and Hostway

We all have tasks we should work on but for some reason, they never seem to reach the top of the pile. In our personal lives, this can be anything from cleaning the oven to picking up the dry cleaning. In our work lives, these projects usually include things like expense reports, low priority emails, [...]

“Morto”, a new worm spreading in the wild, by Rory Smith, SOC Analyst

The Morto worm has been detected on Windows based machines, most notably devices running Windows Server 2003 R2 and Windows XP.  What’s new with this worm is the way in which its spreads; whereas worms commonly propagate utilizing e-mail services or known vulnerabilities/exploits, Morto attempts to spread itself via RDP on a network. RDP (Remote [...]

The use of legitimate channels to distribute malicious software to users, by Rory Smith, SOC Analyst

With security companies recording known and popular domains used for spreading malicious software, malicious users are constantly looking for new channels to launch their illegal campaigns. A growing trend in the wild is the distribution of malicious code through legitimate domains. A recent victim to this kind of activity would be none other than Amazon [...]

The recent memory corruption vulnerability in Microsoft Excel By Cesar Salas, SOC Analyst

Another vulnerability has popped up affecting Microsoft Excel, that allows an attacker to execute code as the local user logged in to the device in question.  Microsoft Excel is a widely used spreadsheet program.  It has been confirmed that the memory corruption would allow a user to execute code at locally logged on level privileges.  [...]

The Corporate Security Halftime Report: Corporations: 0 Hackers: over 9000! by Rory Smith, SOC Analyst

We are finally halfway through what seems to be one of the most active years in terms of cyber warfare. In the last six months we have seen a variety of industry giants fall prey to malicious attackers. Fox, Google, Lockheed Martin, HB Gary, Sony, PBS, Nintendo, CIA, RSA and the US Senate have been [...]

StillSecure delivers File Integrity Monitoring Services

File Integrity Monitoring Helps Companies Identify and Remediate Imminent Security Breaches Superior, CO – June 21, 2011 – StillSecure®, a managed network security solutions and certified compliance company, today introduced the StillSecure File Integrity Monitoring Service for organizations seeking to ensure that their systems have not been compromised and those currently struggling with regulatory compliance [...]

A New Method of Code Obfuscation, by Miguel Brito, SOC Analyst

Code obfuscation is not really anything new. Malware authors are always on the lookout for new techniques to allow them to avoid detection by security products. Common exploit toolkits have even begun to use obfuscation to hide the methods they use to install malware on a victim’s Web site. Spammers also employ obfuscation and non-printing [...]

Rotten Apples, by Diego Ramirez, SOC Analyst

The cult of Mac has gotten a massive blow this past month as one of its tenants, “Macs don’t get viruses or malware”, was ripped to shreds with the advent of the Mac defender malware.   Mac Defender is a type of malware (also referred to a scare-ware or hijack ware) in which software is installed [...]