A torrent of PUPs

For those thinking this is a cute story about dogs, stop reading now!

PUPs or Potentially Unwanted Program alerts are sent from security software highlighting programs or files on a system that could display unwanted ads, change browser settings without consent and generally behave in an antisocial way.

Our Cyber team has received PUPs from several customer environments recently. Sharing these incidents demonstrates the value a Managed Security Service Provider (MSSP) like Kyocera Cyber will offer to customers in their care.

The Kyocera Cyber team use advisories to address incidents quickly and help prevent malware and other vulnerabilities being exploited.
Additionally, we use alerts, including PUPs, to make customers aware of weaknesses or bad actors within their organisation so remedial action can be taken or enhanced training programs set-up to strengthen their human layer of defence.

Bad PUP 1

An alert was received on behalf of a customer for torrenting software.

CrowdStrike’s falcon agent blocked and quarantined the file. Meanwhile our analysts got to work identifying thousands of unexpected media files across their network endpoints which had downloaded within the past month.

The Kyocera Cyber Team reported the incident to the customer’s IT team for review and remediation.

Bad PUP 2

In a second incident involving a different customer, the Kyocera Cyber team received an advisory highlighting the downloading of explicit content. The offending files were removed, and the incident reported to the customer for internal investigation.

Typically, customers conduct their own investigation following an incident to determine necessary remediation or any internal disciplinary action if applicable.

As an MSSP, Kyocera’s Cyber business will support our customers remediation needs as required, for example strengthening their user, device or data security through our broad portfolio of solutions and managed services.