Timely Threat Intelligence and Commentary

Intell Blog

As details emerge regarding the Equifax hack, we all seem to get more and more angry.  If the details released thus far are any indication of the level of baby-town frolics that were going on with cyber-security at Equifax (default passwords, unpatched old vulnerabilities, etc.), then all of u...
Posted by on in INTELL BLOG
Malvertising: Still A Potent Cyber Threat    by Mark Gregory - Maverick Cyber Operations SME     Malvertising is the name given to criminally-controlled advertisements designed to intentionally infect victims (both individuals and businesses).  The infected ads can be...
Another Case For Behavior Analytics:   Hijacking Windows User Sessions       WHAT IT IS   Recently, security researchers identified, and Microsoft confirmed, that an insider (local) attacker can gain access to any local user accounts on a Windows machine to escala...
Ransomware is malware that encrypts the contents of hard drives with a key and then demands payment of a ransom in return for access to the encrypted files.  Ransomware cost businesses an estimated billion dollars in 2016, and the trend of ransomware use is rising.       In ...
As many of you have read in the news, Apple is currently resisting government demands that they provide a way to break the security of iOS to help with the investigation into the San Bernardino shooters.  On the surface, this sounds like a laudable request: the government's desire to find key...
Adversaries are taking advantage of the new Windows 10 Update announcement to lure users into executing their malicious payload.  Unfortunately, when a user falls victim to this campaign, the ransomware CTB-Locker is installed and encrypts the victim’s data.  The spammer then holds...
A critical vulnerability in Android's multimedia playback engine is easy to exploit, requires no user interaction, and affects 95 percent of Android devices.  That is an estimated 950 million devices.       The vulnerability is trivial to exploit. Purportedly, all the hacke...
The recent compromise of the Office of Personnel Management (OPM) has led to the inevitable scams that follow.  The latest are direct phone calls to individuals at home.  In these calls, the caller states that - as a result of the leak of personal data from the OPM hack - OPM owes that pe...
According to recent research, one in 10 Americans are getting their news from Twitter, while four in 10 are getting it from Facebook.  In a study of more than 2,000 Americans conducted by the Pew Research Center, 63% of users surveyed said they were getting their news from Twitter and Faceboo...
Maverick hires the best and brightest.  Those who think, and do, beyond the norm.  The norm doesn't work, and good enough never is in cyber.  Today, our own Shannon Praylow was recognized by NextGov as one of the Top-10 Women in Cyber.  We are very proud of her, and very happy t...
The latest round of Adobe Flash vulnerabilities proves once again it is time to disable or remove Adobe Flash from all your devices where possible. The news continues to be filled with new zero-day vulnerabilities associated with this product. The latest leak from the Hacking Team has illustrated ...
  The OPM hack demonstrates the numerous and continuous flaws in government cyber defense. It is the second (disclosed) OPM breach in the past year alone.  The data was not encrypted.  The extent of the damage was not understood.  The best practices that should have been in plac...
  The IRS announced today (http://www.irs.gov/uac/Newsroom/IRS-Statement-on-the-Get-Transcript-Application) that over 100,000 taxpayers’ accounts have been exposed in a hack which exploited the Get Transcript Service (http://www.irs.gov/Individuals/Get-Transcript).  Get Transcript is a...
Radio Shack, a company going bankrupt, is looking for a way to pay creditors.  They recently decided one of their valuable assets to make available for sale is customers' personal information.  This is information they persuaded customers to provide in order to, they said, deliver a be...
Since last Thursday the cyber news has been abuzz with articles and commentary on PC maker, Lenovo, pre-installing an application, Superfish, on all their new PCs for the past year.  This has caused much consternation as issues have been raised in the past that Lenovo (a Chinese company) has ti...
This past week saw the release of the third 0-day vulnerability, already being exploited in the wild, against Adobe’s Flash software.  Because of its lengthy popularity as an online media player and gaming software, Flash is one of the biggest threats to Internet security – from the corpo...
This week Anthem admitted that it had been hacked, exposing the personal data and medical history of more than 80 million people.  And, shocker, they didn’t encrypt any of the Social Security Numbers (SSNs) of their customers.  The lawsuits have already commenced against the second big...
Morgan Stanley recently announced that a former member of their Wealth Management Team had (allegedly) stolen the personal information of 350,000 clients (http://finance.yahoo.com/news/morgan-stanley-says-wealth-management-162540421.html).  He allegedly posted 900 of them online in an attempt...
Everyone seems to want to know whodunnit when it comes to the hack of Sony Pictures.  Was it North Korea?  A hacker group like LizardSquad who claims credit?  A disgruntled Insider? The truth is, for a Computer Network Defender (CND) the answer is not whodunnit – but who cares. ...
Kaspersky Labs security researchers recently released a report on the Darkhotel espionage campaign.  Darkhotel is a 4-year targeted effort by an unknown adversary actor directed at specific corporate executives and heads of state.  Darkhotel actors compromise high-end hotel networks and WI...
For the past two years, Verizon Wireless customers have been giving up their private information (who they are, where they surf, what they view, etc.) to advertising partners paying Verizon for the data.  Verizon alters the HTTP header information to place tracking data in it which then helps t...
Revelations continue to surface in the news over the theft and misuse of people’s private photos on their mobile devices by California Highway Patrolmen.  Patrolmen under investigation have revealed that when taking certain women into custody they abscond with their private photos on their ce...
On Wednesday, Ponemon Institute will release its annual Global Report on the Cost of Cyber Crime.  According to a DarkReading.com article on the subject of the report, it states that the cost to clean up a cyber incident has increased 23% over 2013.  Twenty-three percent.  The report ...
Apple released a new set of challenge questions after the recent spate of celebrity compromises and nude photo leaks.  The purpose was to improve the security of the questions and make it more difficult for would-be hackers to social engineer easy answers to simple questions.  The problem...
A recent article in CSO Online citing American Youth as 'clueless' on cyber got me thinking about an issue that has been bugging me for a decade.  We are becoming a nation of "users".  Read the latest installment of Maverick Cyber Musings here. Maverick-Cyber-Musings---Digital-Ignorance_...
The BASH Bug you have been hearing about in the news is as bad as it sounds.  Read why you care and what you can do about it here.   Maverick-FLASH-ALERT_BASH-Bug_25Sep14.pdf...
With all the Point of Sale security breaches this year, Maverick is reintroducing our "Wall of Shame!"  Look for it in October!...
Robert Bagnall, CEO of Maverick, was interviewed by Politico recently on Russian hacking in retaliation to US sanctions.  The article is here:   Banks warned to brace for Russian cyberattacks By Joseph Marks 5/27/14 6:09 PM EDT U.S. banks and financial service companies should be ...
What It Is   A serious security flaw has been discovered in the popular open-source authorization and authentication services, OAuth 2.0 and OpenID. The vulnerability allows an attacker to use a covert redirect technique within the login system that could compromise sensitive user data or r...