Halock Blog

Cleverly Disguised Ransomware Infecting Chrome Users »

A new variant of ransomware is spreading via poorly secured websites and the Chrome web browser. Users are fooled into downloading what they think is a missing font pack in order to resolve the error. This attack technique is not uncommon and has recently been reported delivering click-fraud malware and, now, ransomware. Click-fraud malware … Read More »

ALERT: CRIMINALS REQUESTING W-2s VIA SIMPLE SOCIAL-ENGINEERING SCHEME »

By Todd Hacke
Tax season is a hectic time of year not only for organizations but also for their employees. This year attackers are looking to take advantage of this turbulence with a simple social engineering inquiry that could land them a gold mine of personal and financial information. It turns out all they have to do … Read More »

CYBER SECURITY INCIDENT REMEDIATION: COMMON PROCEDURES FOR RESPONDING TO COMPUTER INTRUSIONS »


By Todd Hacke
The moment you realize you are experiencing a network-based breach, you may not know what to do. Minute one, hour one, day one: what should a technical team do to respond to a breach while it’s still in play?
While having a full incident response plan, a trained response team, and well-placed log … Read More »

ENDPOINT DETECTION AND RESPONSE: FIRE FOR EFFECT »


The modern digital landscape is a battleground rife with adversaries ready and willing to go to great lengths to steal your data. Clever independent attackers and state-sponsored actors alike are deploying increasingly effective versions of cyber-attacks intended to intrude, infect, steal, evade, disrupt and destroy everything they touch. To defend themselves, many businesses … Read More »

In the Wake of REGIN: Accounting for the State Sponsored Threat »


Recently the Symantec Corporation uncovered a highly sophisticated, modular piece of malware that has been infecting computers in a variety of countries as far back as 2008. Backdoor.Regin has characteristics beyond those of modern malware and is already generally accepted as a product of nation-state cyber espionage. The implant likely took considerable resources and … Read More »