Published in EclecticIQ Blog · Mar 20
Enabling File Integrity Monitoring on Windows with Osquery and EclecticIQ Endpoint Response
File Integrity Monitoring (FIM) is a security control that helps organizations ensure the integrity of their files and systems by monitoring changes to files and directories. FIM is an important security control needed for almost all kinds of compliance requirements, like PCI DSS, HIPAA, GDPR and ISO. The aim of…
Edr · 6 min read
Published in EclecticIQ Blog · Feb 28
If Infosec Was a Supermarket Business
By Jordan Durham. I was recently reading an article which made a brief analogy between cybersecurity and a retail store. This got me thinking — could there be a deeper analogy made for cybersecurity and a supermarket, especially detection and response programs? I strongly believe that awareness is one of…
Mssp And Mdr · 13 min read
Published in EclecticIQ Blog · Feb 7
Why MSSPs Must Go Beyond Pure Efficiency to Deliver Value in Cybersecurity
Today’s managed security service providers (MSSPs) face an eternal struggle when it comes to their customers. They must be able to provide a sufficient level of value while at the same time maintaining operational efficiency. This balancing act isn’t easy, especially since focusing on one side will have major…
Mssp · 4 min read
Published in EclecticIQ Blog · Jan 5
Compliance Does Not Equal Cybersecurity
HIPAA, GDPR, PCI, CIS, NIST. Do any of those acronyms sound familiar? Chances are, you’ve heard of several and have a general understanding of what they’re all about. …
Malware · 7 min read
Published in EclecticIQ Blog · Dec 29, 2022
Data Philosophy and Technology Combine for Better Endpoint Security
Russel Ackoff was one of the first to define a hierarchy from data to wisdom (1). In Ackoff’s words: “Data are symbols that represent the properties of objects and events. Information consists of processed data, the processing directed at increasing its usefulness. For example, census takers collect data. The Bureau…
Malware · 5 min read
Dec 28, 2022
Comparing Sysmon and EclecticIQ Endpoint Response — Event Filters
For effective information monitoring, modern security software uses sensors that generate various data types depending on the monitoring purpose. A sensor collects data and information for the attached system, and to ensure a sensor system or network of sensors is effective, the noise that accompanies the collected data must first…
5 min read
Published in EclecticIQ Blog · Dec 13, 2022
Hunting Emotet Made Easy with EclecticIQ Endpoint Response
Earlier this year, EclecticIQ Analysts published this article detailing the inner workings of a newly observed Emotet variant. In November, another industry source published a report talking about the resurgence of Emotet after a hiatus. The report describes how Emotet is activated after remaining dormant to obfuscate the infection. The…
Corporate · 5 min read
Published in EclecticIQ Blog · Nov 23, 2022
Using Log Parsing to Stop Microsoft IIS Backdoor Attacks
Chances are you’ve heard of Microsoft’s Internet Information Services (more commonly known as IIS), as it’s one of the most popular web servers in the world, boasting a user base of over one million websites and included in the tech stack of nearly 6,000 companies. …
Corporate · 7 min read
Dec 22, 2020
QAnon Conspiracies Show Organic Growth Capability with Multi-layered Digital Infrastructure
QAnon infrastructure and Modus Operandi drive a horizontally controlled, organically self-sustaining user community. …
Qanon · 8 min read
Nov 9, 2020
Ten Years Later, EclecticIQ Examines Evolution of Stuxnet-like Attacks
Stuxnet malware was reportedly a US-Israel joint enterprise against a critical infrastructure target. The main payload was allegedly introduced on a USB device by an insider threat working for the AVID, via supply-chain compromise. Stuxnet was an original malware tailored to cause ICS (Industrial Control System) connected systems to malfunction…
Stuxnet · 6 min read