ESPO Systems
11 followers

To Russia with Love... via HTTPS
Yes... we know the famous James Bond movie was titled, "From Russia with Love", however, in this case we're going to Russia.  What?  Well.... as previously noted here, the botnet owners are starting to phone home via encrypted channels.  We have a similar ...
esposystems.blogspot.com

Phone Home via HTTPS/TCP:443
It's happening! The malware authors are transitioning from HTTP to HTTPS as the callback mechanism to their Botnets.  Per this Forcepoint Sandbox Report, you'll see that a Microsoft Word File w/bad macro is propagating today with a very low catch rate... u...
esposystems.blogspot.com

WannaCry Defense
After several days there is still much speculation regarding how this Microsoft Vuln (CVE-2017-0145) is initially being exploited.  This is due to the fact that the worm spreads via SMB so aggressively after infestation that it's hard to back track.  Howeve...

Keeping up with evolving cyber security needs
As VP of Worldwide Channel Sales and Operations at FireMon, Mr. Kurt Mills, via his years of building Top Tier Vendor Partner Programs, is uniquely positioned to identify effective Cyber Security strategies.  After all... his resume highlights a who's who o...

Dirty Cow (CVE-2016-5195)
Beware - Dirty Cow is a local privilege escalation vuln just publicly announced.  How bad is this?  Very... this provides root access!  Check out the following video for description: Not good right?  No worries... CentOS/Redhat will have a patch.  Ummmm... ...
esposystems.blogspot.com

Malwarebytes... Really???
Remember when we were all throwing Malwarebytes onto the desktops?  It was all the rage for a while.  Seems as if that ship has sailed.  Case in point: - On Monday, October 3rd, a Microsoft Word document with malicious macro began propagating across the int...

The Death of Commercial AV Products - Part Deux
Microsoft Word file with Malicious Macro being distributed via email this morning.  AV Detection Rate is currently very low for Stage 1 of this attack: Thankfully the Forcepoint Sandbox is detecting it for us due to a number of indicators... including a sim...

The Death of Commercial AV Products
We keep beating the drums... reduce what is most likely the largest line item in your Security Expense Budget, Anti-Virus.  Another data point to make our case: 1. Microsoft Word file propagating the Internet as of ~8amCDT was detected by our Forcepoint San...
esposystems.blogspot.com

QUIC Best Practice
As we all know, Google has a habit of updating their code frequently.  From a Feature Perspective that is obviously good.  From a Security Perspective this can create a problem.  For example, if you have a DLP Endpoint Agent installed to identify/block conf...