DeepSeas Monthly Cyber Threat Intel Rollup – August 2024
Stay ahead of cyber threats with DeepSeas’ Monthly Cyber Threat Intel Rollup.
API Penetration Testing by DeepSeas RED
Why is it important to use Application Programming Interface (API) penetration testing from DeepSeas RED? More and more companies are exposing APIs to their customers directly, for their applications to call to obtain information and present it to users in a consolidated manner. Any time these APIs are exposed, it
Red Team Engagements by DeepSeas
Why is it important to use DeepSeas RED for red teaming? It is crucial that your organization not only prevent security threats but can also identify and neutralize threats that have successfully infiltrated their environment. Red team testing allows you to baseline your organization’s readiness and security controls against an
Web Application Penetration Testing by DeepSeas RED
Why is it important for your organization to use web application penetration testing by DeepSeas RED? Companies rely on web applications, application programming interfaces (APIs) and mobile applications to conduct daily business more than ever. That includes customer-facing applications with functionality to perform automated activities that often use sensitive data,
Network Penetration Testing by DeepSeas RED
Why is it important to use the network penetration testing by DeepSeas RED? As technology advances, the methods cyber criminals use to exploit weaknesses in an operating system or network also evolve. Some examples of these flaws include social engineering attacks, SQL injection, outdated versions of software, poorly configured firewalls,
Meet Threat Recon Expert at DeepSeas, Warren Perez
In our “Meet Our Deeps” series, Warren Perez, Threat Recon Unit and Special Projects Leader at DeepSeas, shares insights on leveraging experience and continuous education to enhance cyber defense, emphasizing the importance of listening to feedback for improvement.
Managed Detection & Response: Questions for Your MDR Provider
Grade Your MDR Provider with These Questions. When was the last time you checked in on your MDR service? Is it working hard for you? Are you sleeping easy at night knowing your Managed Detection & Response provider has you covered? Ask your Managed Detection & Response provider: Are you…
MDR for OT: DeepSeas Covers Operational Technology
As the reliance on Operational Technology (OT) and Industrial Control Systems (ICS) grows within critical industries, the need for robust MDR for OT is becoming increasingly important. Let’s dive into the details of understanding OT, the role of ICS, and how DeepSeas MDR+ is serving as the go-to Managed Detection
Navigating NDAA Section 1505 with Nozomi Networks & DeepSeas
Let’s embark on your journey through the process of obtaining and maintaining NDAA Section 1505 compliance with Nozomi Networks leading the way and DeepSeas enhancing the journey with an outcomes-based approach. NDAA Section 1505 Compliance – Start Here The starting point is understanding the requirements of the law, a crucial
Timothy Haugh at the Helm: The Future of U.S. Cyber Command and NSA
Lt. Gen. Timothy Haugh is well-equipped with proven leadership
These changes and potential challenges paint a picture of what we can expect under Haugh’s leadership. But the reality is, cybersecurity is a complex and ever-evolving field. It’s like trying to hit a moving target. Haugh’s ability to adapt and respond to emerging threats, policy changes, and resource constraints will be the true test of his leadership. But given his track record, it seems he’s well-equipped for the task.
Analysis of DeepSeas Cyber Threat Intelligence Rollup
I’m going to take a look at the DeepSeas Cyber Threat Intelligence report from May 2023 through the lens of what I call, “The Good, The Bad, The Ugly and The Unexpected.” Shout-out to our partner Sentinel One who does a similar take on weekly threat intel. My fellow Deeps just
Cyber Threat Intelligence Report – May 2023
The DeepSeas crew recently published their cyber threat intelligence monthly report. As a client of DeepSeas, you can have the earliest access to these vital reports before they are published, as well as customized cyber threat intelligence reports tailored to your specific needs. Schedule a virtual consultation with the DeepSeas
MalasLocker is a Novel Twist on Ransomware Tactics
MalasLocker is a novel ransomware operation that has been active since the end of March 2023. It targets Zimbra servers, exfiltrating email data and encrypting files. Unlike traditional ransomware, MalasLocker doesn’t demand a direct ransom payment but requires the victim to make a donation to an approved non-profit charity. They
Volt Typhoon and the Importance of Proactive Cyber Defense
In the ever-evolving landscape of cyber threats, a new storm is brewing. The state-sponsored actor, Volt Typhoon, has been quietly infiltrating critical infrastructure organizations in the United States since mid-2021. This group, based in China, is known for its stealthy techniques and focus on espionage and information gathering. Their modus
The Hidden Chronicles of Turla: The Pinnacle of Russia’s Hacker Groups
In a fascinating article about Turla, the enigmatic hacker group, Andy Greenberg, spins a tale in the murky depths of the internet, woven through with threads of brilliant invention, stealth, and resilience. It starts in the shadowy corners of Russia’s cyberspace, where Turla has carved its notorious name. Lauded as
APT28 Potentially Exploiting MOVEit Zero Day
The DeepSeas cyber threat intelligence crew has observed exploitation of a zero-day exploit in US-based Progress’s MOVEit Managed File Transfer Software service. Further investigation by DeepSeas has uncovered a possible overlap with infrastructure known to be operated by the Russian state-aligned advanced persistent threat group Fancy Bear (aka APT28). Whether
Cyber Security Operations Expert: Meet Dorian James, DeepSeas
In our “Meet Our Deeps” series, Dorian James, Senior Manager of Security Operations at DeepSeas, discusses his journey from military service to cybersecurity, emphasizing teamwork and diligence in protecting clients.
How to have Productive Cybersecurity Discussions with Board of Directors
Cyber security discussions with your Board of Directors may not be occurring enough or focusing too much on protection and not enough on resilience.
Cloud to Firmware Exploitation Revealed by Otorio’s Research
The Cloud to Firmware exploitation revealed by Otorio’s Research can be viewed as a chain in the same way so many cybersecurity events are described, showing that a cybersecurity program’s strength is often determined by its weakest link. In the case at hand, the links are represented by a collection
Meet Security Operations Center Expert at DeepSeas, Timothy Carr
In our “Meet Our Deeps” series, Timothy Carr, a Security Operations Center (SOC) expert at DeepSeas, discusses his journey from military service to cybersecurity, emphasizing the importance of continuous training and the human element in cyber defense.
DeepSeas and GreyCastle Security Partner to Offer a Comprehensive Cyber Defense Program for Mid-Market Clients
San Diego, CA and Troy, NY – May 10, 2023 — Threat actors are collaborating to attack. It only makes sense for defenders to collaborate in return. Today, DeepSeas LLC and GreyCastle Security LLC announced a strategic partnership. GreyCastle has chosen DeepSeas as its managed detection and response (MDR) service
April 2023 Cyber Threat Intelligence Rollup by DeepSeas
Are you keeping a keen eye on the latest threat intel? The DeepSeas cyber threat intelligence crew published the April 2023 Cyber Threat Intelligence Rollup. Remember, DeepSeas clients always get the earliest look at these vital reports before they’re published, as well as dedicated reports tailored to their needs. Consider
Meet Threat Detection Engineering Expert at DeepSeas, Dan Rossell
In our “Meet Our Deeps” series, Dan Rossell, a Threat Detection Engineering Director at DeepSeas, discusses his passion for technical challenges and innovative solutions in cyber defense, emphasizing the importance of threat-informed defense and knowing one’s environment to improve cyber defense posture.
DeepSeas MDR+ for OT | Managed Detection & Response for Operational Technology
DeepSeas MDR+ for OT DeepSeas is the first and only Managed Detection and Response provider that covers OT along with IT, cloud, and mobile for the mid-market. The DeepSeas Operational Technology (OT) Managed Detection and Response solution provides 24x7x365 threat detection, analysis, and response to verified threats. DeepSeas is proud
Cyber Threat Intelligence Monthly Rollup by DeepSeas | March 23
Always keeping an eye on the latest cyber threat intelligence, DeepSeas is pleased to share our March 2023 Threat Intelligence Report. This comprehensive report is packed with critical updates on the most significant stories and developments from the month. In the March 2023 rollup, we have some good news and
DeapSeas MDR+
Discover what your MDR vendor isn’t giving you. Explore DeepSeas Managed Detection & Response. Get DeepSeas MDR+ Is your MDR provider delivering on its promises? If you have experience with Managed Detection & Response, you know what you need in your MDR provider: proactive and effective cyber defense support. Business
Meet Cybersecurity Service Delivery Manager, Tiffany Stewart
In our “Meet Our Deeps” series, Tiffany Stewart, a Cybersecurity Service Delivery Manager at DeepSeas, discusses her journey into cybersecurity, emphasizing the importance of continuous learning, mentorship, and maintaining a balance between fear and preparedness. She highlights the significance of personal well-being in an industry where mistakes can have serious consequences.
Meet Senior Service Delivery Coordinator, Erika Ambrose | DeepSeas
Senior Service Delivery Coordinator, Erika Ambrose, is featured in a DeepSeas series called, “Meet our Deeps.” Let’s dive in to learn more about Erika’s work and career. Q: Hi, Erika. Can you tell us a little bit about yourself and how your life experiences led you to a role as
Transforming a Cybersecurity Program: Top 5 Best Practices
The utilization of effective cyber defense tools and techniques – including best practices for building a cybersecurity program – were recently covered in an episode of Cybersecurity America with our own Deeps, Josh Nicholson and Michael Kennemer, Industrial Control Systems & Platform Security Engineer at DeepSeas. Below are top five
Meet Cybersecurity Engineer, Hannah Thompson
As part of a series called “Meet our Deeps,” we introduce you to Hannah Thompson, a cybersecurity engineer at DeepSeas. Let’s dive in to learn more about Hannah’s work and career. Q: Hi, Hannah. Can you tell us more about your current role as a cybersecurity engineer at DeepSeas? A: I
Meet Cybersecurity Data Quality Manager, Carmen Silva
As part of a “Meet our Deeps” series, we introduce you to Carmen Silva, a cybersecurity data quality manager at DeepSeas. Let’s dive in to learn more about Carmen’s work and career. Q: Hi, Carmen. Can you tell us what you enjoy most about your work as a Cybersecurity Data Quality
The Best Threat Intelligence Programs Answer these 3 Questions
Questions related to how security leaders can create the best threat intelligence programs for their organizations were recently covered in an episode of Cybersecurity America with Josh Nicholson. While there are many questions an organization should address when adopting a threat intelligence program, below are three of the many that
Analysis of Cyber Threat Actor Intrusion in an Architecture and Engineering Company
DeepSeas analysts identified an unspecified cyber threat actor conducting post-compromise activities in a company within the Architecture and Engineering industry. The targeted system was a domain controller that did not have an EDR agent installed. The DeepSeas SOC detected the creation of a file on an adjacent system that did
The Confusion Between Attack Surface Reduction and Vulnerability Management
Attack surface reduction was recently covered in an episode of Cybersecurity America with Josh. In his work with clients, Josh explains that there’s a lot less people focused on attack surface reduction and more on vulnerability management. He says vulnerability management is a shallower stage of a cybersecurity maturity journey
SOC Alert Prioritization & Potential Hidden Risks
Some security leaders have had SOC alert prioritization decisions made for them. Others are dealing with decisions that were made so long ago, no one remembers how they came to be. While other leaders feel certain in their decisions — e.g. “I measure our reduction in false positives.” — these
Meet Our Deep: Richard Waller, DeepSeas Cybersecurity Account Executive
Today, as part of a DeepSeas series called “Meet our Deeps,” we introduce you to Richard Waller, a DeepSeas Cybersecurity Account Executive responsible for the Midwest. Let’s dive in to learn more about Richard’s work and career. Q: Hi Richard. What is your current role at DeepSeas and what do you
Meet Our Deep Cybersecurity Experts: Ruben Mbon, CISSP, GCPM, Cyber Security Lead at DeepSeas
In a DeepSeas series titled “Meet Our Deeps,” we introduce you to our cybersecurity experts who are serving in the cyber seas. Today, we introduce you to Ruben Mbon, a Cybersecurity Lead at DeepSeas. Let’s dive in to learn more about his work and career. Q: Hello, Ruben. Please tell
OneNote Files Used for Malware Delivery, Actors Iterate Rapidly
OneNote Files Used for Malware Delivery, Actors Iterate Rapidly A DeepSeas Summary DeepSeas has identified a new technique involving the use of OneNote files in malware delivery, though activity of this nature was observed to have accelerated among cybercriminal groups in December 2022. The use of this new filetype has
FAA Reporting System Failure Grounding US Flights | DeepSeas Analysis
Yesterday was the first Patch Tuesday of the year, which some may speculate to be the cause of the FAA System Failure Grounding US Flights. Currently there is no indication of a cyber attack. Summary: On 11 January 2023, reports on social media and news sites began circulating that the
Cyber Defense News: Bracing for a Potential Russian Winter Offensive in Ukraine and Cyber-attacks Against U.S.
Potential for Russia to respond with cyber-attacks against U.S. organizations, such as financial, oil and gas, or manufacturing. Executive Summary: In Mid-October, Russian President Vladimir Putin announced that the Russian Defense Ministry had almost reached its goal of 300,000 reservists activated to aid in his war effort in Ukraine. Russia
Linux Kernel ksmbd Use-After-Free Vulnerability
Summary: On 22 December 2022, a potential Remote Code Execution (RCE) vulnerability in Linux Kernel versions 5.15 – 5.18.x / 5.19.x which affects Linux Kernel products with ksmbd enabled. According to Zero Day Initiative, the vulnerability could allow remote attackers to execute arbitrary code on affected installations and authentication is
New Cyber Defense Brand, DeepSeas, to Unite Newly Acquired Commercial Managed Threat Services Business from Booz Allen Hamilton with Security On-Demand
The new entity’s mission is to create the world’s most in-depth cyber defense services. San Diego, CA and McLean, VA – December 8, 2022 –With the backing of Nautic Partners, Security On-Demand announced today it has acquired Booz Allen Hamilton’s (NYSE: BAH) commercial Managed Threat Services (MTS) business. MTS and
DeepSeas is Coming at the Right Time with the Right Combinations: An Interview with Wade Alt, Chief Operating Officer
Booz Allen’s Managed Threat Services business and DeepSeas cybersecurity was described to me during a recent chat with Wade Alt, the new Chief Operating Officer of DeepSeas. I learned his perspective on the launch of DeepSeas, what it means for the cybersecurity market, and his career. An interview of Wade
Two Mighty Forces in Cyber Defense Unite to Form DeepSeas
By Chris Esemplare, CEO at DeepSeas In the cybersecurity market, DeepSeas is a new name, but it’s not a startup. Rather, it’s the unification of two mighty forces in cyber defense: Booz Allen Hamilton’s commercial Managed Threat Services business and Security On-Demand. I am excited by the potential of combining
Join our Team
21% of the DeepSeas crew are Veterans or Active Military Reservists. Join our talented crew of cyber experts.
