There’s no doubt that today’s security information and event management (SIEM) solutions are powerful tools. Providing the best way to defend against dangerous cyber threats, a SIEM delivers a 360-degree...
Each day, the cybersecurity landscape is expanding in complexity and the volume of threats generated. The emergence of mobile computing and the introduction of new devices on the network opens...
IT compliance management is often a manual and tedious effort. It requires teams to monitor several IT security point products and pull together information from multiple sources to demonstrate compliance...
It used to be the case that perimeter security solutions were enough to keep the good guys in and the bad guys out of the enterprise network. The tools worked...
A Threat Intelligence Analyst on Vertek’s Cybersecurity team recently discovered a massive spam recipient list from a bad threat actor’s botnet after analyzing a malware sample that was distributed via...
Threat Summary On May 8th 2018 , Microsoft released critical security updates to patch a Remote Code Execution (RCE) vulnerability in the VBScript engine. The APT attack was discovered in...
Threat Summary This blog is regarding a memory corruption vulnerability in the equation editor of Microsoft Office that affects all versions from 2000 to Office 365. The vulnerability is being...
Summary There have been numerous reports of a new ransomware outbreak called BadRabbit, which started to spread via “drive-by” download attacks of infected sites imitating a fake Adobe Flash update....
What is DDE? DDE (Dynamic Data Exchange) is a protocol used to transfer data between applications and provides the ability for applications to launch other applications. With DDE it’s quite...
Email campaigns pushing Locky ransomware are still very prevalent and continue to evolve. Encrypted files are now appended with the .asasin extension. This particular analysis shows that the threat actors...
Our SOC has observed several cases of browser mining (also referred to as “cryptojacking”) as of late where javascript libraries are being utilized on various webpages to leverage their visitor’s...
Vertek’s OTX Public and Private Pulses provide a summary of the threat, some information regarding the software targeted, and the related indicators of compromise (IoC) that can be used to...
As you can see, our labs team is still seeing Locky is being distributed in a lot of malspam campaigns. This is just a brief variant update. When infected with...
Vertek’s security operations team has noticed website ransomware is starting to pick up steam with recent variants of AwesomeWare, a PHP based ransomware that targets vulnerable web servers and encrypts...
Locky is being distributed at mass scale via phishing and spam email attacks by two major botnets; Necurs and BlankSlate. Both are pushing Locky with the two new known variants;...
Locky IoCs extracted by our security operations center. Public Pulse | TLP: White | encrypts with extension .DIABLO6 OTX Pulse created: https://otx.alienvault.com/pulse/598b06a8104ee74f496a4691/
Glob Imposter IoCs extracted by our security operations center. Public Pulse | TLP: White | Encrypt filesystem with extension “..726” (typo??) OTX Pulse created: https://otx.alienvault.com/pulse/5981d59b675dec261d386823/
As most of you have likely heard or seen on the news, there’s a new ransomware variant called “WannaCry” that is making the rounds and in a very short period...
COLCHESTER, Vt., May 9, 2017 /PRNewswire/ — Vertek, a leading Vermont-based solutions and security provider, is gaining momentum as a strategic AlienVault Managed Security Services Provider (MSSP) partner. With a...
While it may seem that no network is safe from the dreaded data breach, Managed Threat Intelligence, a business intelligence service offering from Vertek Corp. has raised the bar for...
