NetWorks Group Blog

NetWorks Group

NetWorks Group is a Managed Detection & Response (MDR) and Ethical Hacking Service provider. We help organizations detect and respond to advanced cyber security threats through a powerful combination of our proprietary threat detection platform, expertise and security tools. Our unique approach to security not only helps you stay ahead of cyber criminals but also helps you reduce cost and increase efficiency.

Recent Posts

Spear-phishing: Are they preventable?

Posted by NetWorks Group on May 1, 2018 1:27:03 PM

Spear-Phishing Attacks: Are They Preventable?

Phishing attacks are increasing at alarming rates. Surveys show that 71% of businesses are not prepared to manage these types of attacks. Many businesses are finding that their defenses are limited and people in the highest offices are vulnerable.


Topics: Information Security

When 911 emergency call system is struck by cyberattack

Posted by NetWorks Group on Apr 9, 2018 10:23:53 AM

When a 911 Emergency Call System Is Struck by a Cyberattack

Cyberattacks are occurring with greater frequency, and they can wreak havoc in a business or an organization. When an emergency system is attacked, however, the results can be potentially life-threatening.

Topics: Threat Management, Information Security

Critical Vulnerability Advisory: Cisco ASA Remote Code Execution & DOS Vulnerability - Updated - Additional Patching Required

Posted by NetWorks Group on Feb 5, 2018 2:08:51 PM

Cisco ASA Remote Code Execution & DOS Vulnerability

Release Date: 01-29-2018 - Updated: 02-05-2018 - CVE-2018-0101

Affected Products - Must have WebVPN enabled to be vulnerable

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 4120 Security Appliance
  • Firepower 4140 Security Appliance
  • Firepower 4150 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD)
  • FTD Virtual

Vulnerability Details

After further investigation, Cisco has identified additional attack vectors and features that are affected by this vulnerability. The original fix was also found to be incomplete, so new fixed code versions are now available.


Topics: Threat Advisory, Information Security

Effective Daily Log Monitoring for PCI

Posted by NetWorks Group on Feb 1, 2018 10:55:04 AM

Security technologies such as firewalls are meant, at best, to prevent data security breaches, or at worst, detect them before they get out of hand; but in some cases, organizations have been complacent. In the infamous Target data breach of 2013, hackers were roaming their system and stealing data for two weeks before the breach was even detected. In the equally egregious breach of Heartland Payment Systems five years earlier, hackers were stealing data for several weeks before the invasion was discovered. Ironically, both Heartland and Target were PCI-compliant, but the time lag between system compromise and detection was unnecessarily long. And, they’re not alone in this regard. 


Topics: PCI, Compliance, Security Monitoring, Managed Detection & Response

Critical Vulnerability Advisory: Cisco ASA Remote Code Execution & DOS Vulnerability

Posted by NetWorks Group on Jan 30, 2018 4:05:47 PM

Cisco ASA Remote Code Execution & DOS Vulnerability

Release Date: 01-29-2018 - CVE-2018-0101

Affected Products - Must have WebVPN enabled to be vulnerable

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD)

Vulnerability Details

This vulnerability affects an unknown function of the SSL VPN component within the ASA. It is triggered by an attempt to double free a section of memory when the VPN component is active on the ASA. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system.


Topics: Threat Advisory, Information Security

Modeling an effective threat detection and response program

Posted by NetWorks Group on Dec 19, 2017 10:35:41 AM

Modeling an effective threat detection and response program

Know Your Enemy


Topics: Information Security, Managed Detection & Response, Threat Management, Threat Hunting

Protect. Detect. Respond: The Case for Managed Detection and Response

Posted by NetWorks Group on Nov 27, 2017 10:49:18 AM

Cyber security is on the mind of every business executive in the world. Modern security challenges are not easy to fix or even identify, and despite some misleading advertising from vendors, there is no one-size-fits-all solution. We frequently observe large visibility gaps in existing security implementations, allowing even obvious red flags to slip under the radar. Firewalls and traditional antivirus software are important, but only react to known threats. Too many organizations rely on passive preventative technology for network security. Good attackers employ stealth and polymorphic tools that defy signature-based detection, allowing them to bypass these technologies altogether. We must assume that threats will get in, and no system is impenetrable.


Topics: Information Security, Managed Detection & Response, Threat Management, Security Monitoring, Threat Hunting

A Primer to Endpoint Threat Detection & Response

Posted by NetWorks Group on Jul 11, 2017 1:18:00 PM

As global cybercrime continues to develop new methods to penetrate system defenses, the tactics used in response to threats have been forced to adapt as well. The result has been a move from simple antivirus protection to complete endpoint protection using sophisticated integrations of endpoint malware protection, threat detection and response algorithms, and, in some cases, managed security services. Endpoint threat detection has been identified by Gartner research as one of the top tools for fighting cybercrime.


Topics: Managed Detection & Response, Information Security, Threat Management

VENOM - Xen, KVM, and QEMU Virtualization - High Vulnerability Advisory

Posted by NetWorks Group on May 13, 2015 10:24:00 AM

VENOM (Virtualized Environment Neglected Operations Manipulation)

If you are currently utilizing Xen, KVM, or QEMU virtualization products, you need to apply patches. VMware and Microsoft Hyper-V virtualization products are not affected.


Topics: Threat Advisory, Threat Hunting, Threat Management, Vulnerability Management

Cisco UCS Central Software - Critical Vulnerability Advisory

Posted by NetWorks Group on May 8, 2015 9:08:00 AM

Affected Product
Cisco UCS Central Software versions 1.2 and earlier

If you are currently running Cisco UCS Central Software, you should update the software immediately.


Topics: Threat Advisory, Device Management, Information Security
