On the analysis front, there was no rest for the weary over the holidays thanks to a couple of inconveniently timed 0-days. We kicked off 2013 with a 22-page Fusion Report (FR13-001) that details both the campaign and two separate malware payloads. The report included detailed information on the leveraged protocols along with a working C2 decoder. Multiple indicators and six additional Snort signatures were added to the collection for proactive identification and mitigation of related activity.
It’s busy, and seems to be getting busier.
- We have our annual report in final review with our membership before final publication.
- We’re in conversation with several new associates to provide new and different data types and perspectives to the membership.
- We’re adding new features to the portal -- testing the Outlook plug-in in the Beadwindow portal as we speak, and have acquired an app to allow mobile users to operate from smartphones and pads.
- Interest in Beadwindow is growing. I’ve received a number of inquiries, and given several presentations to government users who now have the ability to communicate with those Red Sky members who choose to talk to them. This is big. Our members complain of the sheer volume of government folks who want to talk to them. Now they can do it in one place.
Look for our Annual Report soon, as well as our first white paper, “How great companies deal with APT and Targeted Events”. The paper is a high-level road map of the seven common actions that companies take when faced with Targeted and APT events. There’s nothing worse than realizing there’s someone in your network and you can’t get them out. This paper will tell you how others worked through the problem.
2012 was a great year. 2013 looks to be even better!
Once more, and then I’ll stop. Happy New Year!
Have a great week!
Jeff