Tag Archives: SIEM

In the Wake of Backdoor.Regin: Accounting for the State Sponsored Threat

Recently the Symantec Corporation uncovered a highly sophisticated, modular piece of malware that has been infecting computers in a variety of countries as far back as 2008. Backdoor.Regin has characteristics beyond those of modern malware and is already generally accepted as a product of nation-state cyber espionage. The implant likely took considerable resources and […]

All Done with Shellshock? Get Ready for the Next One.

Why read another article on the Shellshock bug when there have been a number of well-written articles and blog posts on it? Because almost all of the articles and blogs are talking about the bug itself, how it can be exploited, and how much of the Internet is open to it. However, what you should […]

SEIM Many Logging Options – What to Do?

Log and Security Event Information Management (SEIM) are two of the 20 Controls that SANS lists for network security. They are also some of the more controversial ones. Logs are very much like digital fingerprints for one’s network and applications. They have great value for both noticing exploits (visibility) and forensically investigating those which have already […]

HALOCK INVESTIGATES: Network Chatter from China

Imagine one hundred container ships full of the most valuable U.S. assets heading to China every day. Diamonds, gold, oil, John Deere Tractors, priceless artwork, Chevy Corvettes, life-saving artificial hearts, books from our historic libraries, soybeans, the latest Intel® processors, Redwood trees, the genuine Constitution of the United States of America, […]

HALOCK INVESTIGATES: “ZERO TOLERANCE”

HALOCK Investigates. An all-too-common cyber-crime today is spoofing, which is the practice of deceiving people into believing an email or website originates from a source that it does not. In a recent case we are investigating, the perpetrator substituted a number in the URL to mimic the actual URL with the hopes that the recipient wouldn’t notice […]