Your Ransomware Choices: The Bad, The Ugly and The Mean

Posted by Nenad Kreculj    May 16, 2016 11:39:47 AM

You can’t read the news these days without being blasted with yet another Ransomware story. Almost daily, there seems to be a new variant, a new name, and inevitably, new victims. The rise of Ransomware shouldn’t come as a surprise, since its execution is quite simple and the demands on the victims are not onerous.

Ransomware is not like an APT (Advanced Persistent Threat) - there is no need for long-term stealth operation, no need to explore the victim’s networks and resources, no need to steal credentials and no need to quietly and patiently exfiltrate sensitive data. With Ransomware, an exploit kit opens the door, and BANG, there it is, your PC is displaying a ransom note with detailed instructions on how to pay.

Topics: Cyber Attack, APT, Ransomware

CounterTack Expands Enterprise and Integration Capabilities Across Endpoint Detection and Response (EDR) Product Portfolio

Posted by Nate Buell    Mar 1, 2016 4:00:00 AM

900% Growth in 2015 Fueled by Demand for Endpoint Security Innovation; Comprehensive IOC Remediation, Network Security Detection and Integration; Endpoint Forensics

Topics: Press Releases 2016

Do You Value Time or Knowledge? Change the Discussion

Posted by Tom Bain    Feb 26, 2016 1:34:01 PM

As we head into the final stretch before RSA, CounterTack, like most cybersecurity organizations, is realizing how critical every day, every hour and every minute is, relative to the work we are doing for our customers in protecting their IT infrastructure. 

And as each vendor, enterprise organization, partner and investor gets ready for five days of meetings, presentations, job interviews and cocktails, RSA is typically the platform for numerous announcements and cybersecurity advancements. 

Topics: cybersecurity, Next-gen endpoint security, cyber attacks, attack dwell time

Don’t “Piece” Together your Cybersecurity Solution

Posted by Phil March    Dec 28, 2015 7:00:00 AM

These days it appears the concept of a single point solution that protects your endpoints and your network is a dead dream. AV software is being replaced by more complex detection software, while whitelists and IOCs only do a fraction of the work. Keeping the bad stuff out at the perimeter has been replaced by the concept of quickly detecting and responding. 

Topics: EDR

Active Defense: Hash Sets

Posted by Michael Wood    Dec 22, 2015 11:27:35 AM

We know that SOC/IR teams suffer from alert overload on a daily basis.  Too many tools resulting in too much data being passed to the teams.  In reviewing those alerts, these folks need to review tons of data to confirm or disprove the alert validity.  SOC and IR pros look for ways to limit the data that they have to review.

Topics: Next-gen endpoint security, Hash Sets, Active Defense

Why Protection Alone Won’t Work Today

Posted by Rajendra Dodhiawala    Dec 14, 2015 9:00:00 AM

Much like the paperless office, which we talked about for years but then just seemed to happen one fine day, our recent chant that antivirus is dead will also just seem to happen one fine day. But we are not quite there yet. Reason: we are looking for the next generation endpoint protection technology to replace the once trusty AV but comprehensive protection is a long, long ways away.

Topics: cybersecurity, Next-gen endpoint security

Holiday Phishing

Posted by Michael Vien    Dec 7, 2015 7:01:10 PM

The North Pole has announced a breach exposing billions of children’s information from both past and present. Most importantly the naughty list was also exposed and may be for sale on the Dark Web.

Obviously, this is just a joke but it seems as if we hear of a new breach every week. Last week's Vtech breach using wireless toys as the vector is just one sad example. The holiday season is the time of the year when we think of family and a time to be generous and kind to others. Unfortunately, not everyone thinks this way. There are those for whom this is the most profitable time of year, and I am not just talking about the retailers on Black Friday. The cyber-criminals of the world are lurking and trying to take advantage of the good will and deal seekers during this season.

Topics: Cyber Security, Email Security, Email Phishing

A Case for Security Prioritization in Retail

Posted by Tom Bain    Nov 20, 2015 4:54:41 PM


I was shopping with my daughter the other night for indoor soccer socks at a major sporting goods retailer here in Massachusetts. As we rolled up to the register with bright pink and purple options, I noticed something at checkout - the retailer was not ready for chip and pin credit cards.

As I swiped my chip and pin credit card, I got to thinking...there are cyber risks everywhere, during every transaction, before and after every transaction, at any store, any company, coffee shop, airplane, airport, organization you visit...but back to the example here. 

Topics: Cyber Security, APT, CounterTack, Breaches, Breach, retail data breach, data breach, EDR, chip and pin, retail security

The Students Have Become the Masters

Posted by Nate Buell    Nov 9, 2015 11:30:00 AM

Computer hacking has long been considered a young person’s game. Since the first hackers really got started in the early 1980s, the vision most people have in their head is a guy in his parents’ dingy basement, wearing some type of Marvel Super Hero tee shirt, surrounded by monitors and video game systems.

There is no doubt that this particular stereotype exists for a reason. On numerous occasions, attacks have been conducted by those basement dwellers. Movies like “War Games” and “Hackers” perpetuated the teen hacker mantra, possibly even inspiring the next generation of cyber attackers as computers and the internet began to hit their stride for personal and corporate use throughout the world. With so many different avenues to take now between social media, smart phones and susceptible corporations, teenage cyber criminals are thriving.

Topics: data breach, talktalk, hackers, teen hackers

Data Quality in Incident Response

Posted by Phil March    Nov 2, 2015 5:59:05 PM

One of the key elements contributing to the success of an IR operation is the quality of the data the IR team has access to. It is no surprise that organizations today already collect vast amounts of data. However, a high quantity does not always ensure success. In fact, sometimes the quality of the information is inversely proportional to the raw quantity of the data.

Just like the journalist chasing a news story, the IR analyst has to be able to answer the essential questions of “Who, What, When, Where, How and Why”. With the endpoint being the primary field of battle operation today, an organization that has prepared itself for a response to an attack should be able to help Incident Responders answer those essential questions.

Topics: data breach, endpoint security solutions, Incident Response

Blog covers topics related to detecting and monitoring in-progress cyber attacks for IT security operations teams.
