Author: Kirk Soluk

Kirk Soluk is the Manager of ASERT's Threat Intelligence and Response Team. The team is responsible for tracking advanced threats and providing customers with relevant situational awareness and context. The team also researches and develops countermeasure prototypes for Arbor products and provides “buck stops here” operational support for Arbor customers that are actively under attack or in preparation for attacks against high-profile events. Prior to joining Arbor, Kirk spent 11 years at Microsoft, eight of those in the Windows Core Security Group working on operating system security enhancements and security management tools. Subsequently, Kirk spent 9 years at the University of Michigan, most recently as an Information Systems Security Manager overseeing University-wide security solutions and services. Kirk holds a bachelor’s degree in Electrical Engineering and Computer Science from the University of Michigan, a Master’s degree in Computer Science from Michigan State and is the primary inventor on three security-related patents.

Patching Not Enough to Stop Petya

Voluminous amounts of information have already been disseminated regarding the “Petya” (or is it “NotPetya”? [1]) ransomware that hit the Ukraine hard [2] along with organizations such as “the American pharmaceutical giant Merck, the Danish shipping company AP Moller-Maersk, the British advertising firm WPP, Saint-Gobain […]

Pivoting off Hidden Cobra Indicators

On June 13th 2017, US-CERT issued a joint Technical Alert (TA17-164A) entitled Hidden Cobra – North Korea’s DDoS Botnet Infrastructure. The alert, which was the result of analytic efforts between the Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI), included a list […]

WannaCry

Information regarding the WannaCry ransomware is spreading as quickly as the malware itself and is expected to do so throughout the weekend. This blog provides some information from our malware processing system that may, or may not be, available elsewhere. The WannaCry ransomware propagates by […]
