You are viewing 'SERT'


A Security Incident is Not Over…Even When It’s Over

Rob Kraus    |    April 02, 2013

In the past few months, Solutionary has seen a great increase in the number of clients taking advantage of our Security Engineering Research Team (SERT) incident response support. Mitigating an active attack is certainly enough to keep organizations entertained for quite a bit of time, but when the attacks are over is it time to relax? 

If you are doing this correctly, your answer should be “no.”

Preparing for and mitigating attacks when they materialize is just the start. Many organizations fail to realize that after the attacks are over, a lot more work is still required. As an example, let’s say your organization identified a successful SQL injection attack allowing attackers to steal your data. You’ve found the vulnerability, patched it, and are ready to move on with your day-to-day organizational agenda,... read more >



Tags: attack, attackers, security best practices, security tips, SERT, vulnerabilities, vulnerability management

Incident Response Basics – Part 1

Susan Carter    |    January 15, 2013

So, being a full-time Incident Response Team Lead (IRTL) for the Solutionary Security Engineering Research Team, I bet you’re thinking I’m going to start chatting about incident response. Your guess would be right. My intent here is to focus on the small details that may be overlooked when creating an incident response plan. This is just the first of a series of blogs where I will discuss some of the more important topics in incident response. In each, I will highlight some frequently overlooked key details. These details often make the difference between a very difficult incident and a manageable one.

As this is my first blog with Solutionary, it is worth mentioning that I uphold a philosophy to keep discussions short and simple with no fluff. In our culture and society, information overload is commonplace. This often becomes a problem, especially... read more >



Tags: incident response, Solutionary, log management, security policy, SERT

Malware Reverse Engineering and Protecting the Client Base

Doug Picotte    |    October 23, 2012

I was on a sales call recently when a client requested an example of how our Security Engineering Research Team (SERT) provides specific security intelligence that results in the protection of the client base. This was a great question, and I wanted to take a moment to provide a real-world example of the value that SERT delivers to both the client base and the security community at large.

Malware Reverse Engineering

SERT performs ongoing malware and threat analysis, and regularly provides consumable threat intelligence to the rest of the Solutionary engineering teams. In one particular case, SERT obtained an image of a suspected infected machine residing on a client network. SERT performed a full analysis of the image and isolated the malware specific files. SERT then performed reverse engineering using advanced static... read more >



Tags: ActiveGuard, malware, reverse engineering, SERT, Solutionary, ACH Transfers, banking trojans, Blackhole Exploit Kit, IDS-IPS, malware reverse engineering, security engineering research team

Be Aware: October is National Cyber Security Awareness Month

Joseph (J.B.) Blankenship    |    October 01, 2012

The month of October is one of my favorite months – the hot mugginess of the Southeast turns to more comfortable temperatures, football season is in full swing and celebrations like Halloween and Oktoberfest give us an excuse to party like rock stars (or at least wannabe rock stars). Of course, none of those things have the least little bit to do with IT security.

October 2012 is the ninth annual Cyber Security Awareness Month (NCSAM), sponsored by the National Cyber Security Alliance (NCSA). Sure, it’s nothing like Oktoberfest, but it is a reason for those of us in the IT security community to educate businesses and consumers about IT security and keeping themselves safe on the Internet.

Informing... read more >



Tags: security awareness, SERT, National Cyber Security Alliance, National Cyber Security Awareness Month, NCSA, NCSAM

iC3 Fraud Alert

Robert (RJ) Jeffries    |    September 19, 2012

The Internet Crime Complaint Center (iC3) has released a Fraud Alert detailing increased fraudulent wire transfer activity observed across the financial services sector. Although we urge close review of the report and its recommendations, the Solutionary Security Engineering Research Team (SERT) provides a brief summary below.

The alert is based on FBI reports of increased activity of fraudulent wire-transfers occurring just prior to large-scale Distributed Denial of... read more >



Tags: botnet, DDoS, iC3 Fraud, malware, phishing, SERT, Blackhole, DirtJumper, ZeuS

Solutionary is a leading managed security service provider. The company reduces the information security and compliance burden, providing flexible security services that work the way clients want; enhancing existing initiatives, infrastructure and personnel. This blog is a place to learn about, and discuss, a wide variety of security and compliance topics.