Security Operations Center (SOC)


12 Dec 2016

SOC Warning: Stealthy Stegoloader Can Evade Analysis Tools

By Lee Tibbals and Brian Lowe

An interesting relic from the past came to visit recently in the form of a threat called steganography. Steganography is a well-known and ancient practice of concealing a file or a message inside of another file or message. The first recorded uses of steganography are accepted to have been around 440 BC in ancient Greece, where a message was...



29 Mar 2016

Sword & Shield’s MSSP Deploys SamSam Ransomware Protections

Although it has been around for a few months, SamSam is the newest surging ransomware campaign, and it is targeted at the healthcare industry. SamSam infects machines differently than traditional ransomware such as CryptoLocker. It does not spread by spam/phishing emails; instead, it actively scans for vulnerable servers that have unpatched software on the network. Unlike other ransomware campaigns, there is no need for any user action...



20 May 2015

Sword & Shield’s SOC is Monitoring New FREAK Vulnerability

As new details continue to emerge about the latest FREAK-related vulnerability, Sword & Shield’s Security Operations Center (SOC) is keeping a close eye on its customers’ networks. The latest is entitled “LogJam,” a man-in-the-middle attack. Given the right circumstances, it can provide an attacker the ability to read encrypted data. Although it is not a simple task, it is possible. The SOC has already seen...
