Resources

Featured

News & Announcements

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

Stay up to date with monthly blog highlights.
  • This field is for validation purposes and should be left unchanged.
Incident Response Case Study: New worms exploiting the NSA toolkit

Incident Response Case Study: New worms exploiting the NSA toolkit

by Noah Dunker Last week, RA Labs noticed MS17-010 exploit attempts against production networks we’re monitoring, seemingly unrelated to the massive WannaCry outbreak two weeks ago. On Monday, May 22, we observed an active worm at one customer site. We immediately...

Rule of three: Patching, training and least privilege (Part 3)

Rule of three: Patching, training and least privilege (Part 3) This is the final post in our “Rule of three” series. Today’s topic is least privilege. Least privilege is a principle of access control that says no user should be granted any higher privileges than those...

Rule of three: Patching, training and least privilege (Part 2)

Rule of three: Patching, training and least privilege (Part 2) This is the second post in our “Rule of three” series. Today we’re going to talk about training. User behavior is implicated in an estimated 60 to 80 percent of data breaches.(1) Our industry commonly...

Faster than the speed of crime: the need for rapid intel sharing

Faster than the speed of crime: the need for rapid intel sharing

As of Monday September 11, RA Labs is tracking a nascent BotNet that appears to consist mostly of exploited routers. While it bears some similarity to other popular telnet “IoT” BotNets, we have not yet determined which family this one belongs to. At first, our team...