How to Keep Your Security Analysts

The Shortage… All vendors and companies talk about the security staff shortage, because it’s REAL. Though there is a large influx of tier-1 analysts who recently graduated, there are far more…


NoSQL-based stacks exposed to the Internet actively exploited

NoSQL technology has become more popular in recent years thanks to the development of new open-source NoSQL databases that are relatively easy to install, use and integrate with web frameworks. An…


Browser extensions: Hidden behind good, can be very bad

Visiting a website is a standard task for any user that uses the internet. The primary tool for viewing or visiting a website is called a web browser. A web browser allows web pages to render and…


Beyond SIEM: Evolving Correlation

Most SIEMs have a correlation engine where logic/rules are written against flows and logs to bring them to an analyst’s attention. LogRhythm has their AI Engine Rules, ArcSight has correlation…


Dynamic Asset Discovery

By Pooja Ahuja with Xiaodan Li, Data Scientists at JASK Labs. The Problem: A large number of data breaches occur as a result of weak or inefficient perimeter protection. With the ever-increasing…


From Russia with Love?

From Russia with Love? Alarm bells went off last week as the United States Department of Justice (DOJ) reported that a large number of small office home office (SOHO) routers and storage devices…


Cryptocurrency & the Underground Economy

Executive Summary: For years the underground economy of cybercrime has been financially motivated to constantly evolve and adopt new tactics, tools and procedures (TTPs). Nowhere is this more…


All your passwords are belong to us

The compromise and leak of people’s passwords has become so prevalent and frequent that it is almost accepted as a normal fact of life. Recently the disclosure of a Twitter password bug that allows…


How botnets are built on mass CMS exploitation

Recent public disclosures related to very popular open-source content management systems have shed some light on the cybercrime underground’s drive for obtaining access to infrastructure that can…


Weaponizing Oracle WebLogic Vulnerabilities

One of the many ongoing challenges faced by security operations center (SOC) analysts is making sense of (and unfortunately in many cases just ignoring) the thousands of scanning events that troll…