March, 2020 — We recently had a Malicious Operation (Malop) pop up for one of our MSP Partners' small business clients and it turned out to be a true hit, with malicious PowerShell on a couple of hosts with RDP (port 3389) open to the internet. Our Malware Prevention thankfully blocked the malicious payloads, but something was still going on that needed to be tracked down and remediated.
If a single password was the barrier between an attacker and your network, would it hold up against brute force?
Learn one method used by attackers to gain a foothold in a network and escalate their privileges.
Advanced attacks are out there.
Advanced malware threats are hiding in software applications many of us use daily and trust, so much so that legitimate software can be difficult to distinguish from malicious software. New attack vectors are continuously being discovered, and attackers are finding back doors onto your device to gather your or your company’s information.
Every network has its weaknesses.
But do you know what they are and the impact they have on your network security? With the large amount of data on systems and advances in attack sophistication, it’s more important than ever to have a complete picture of what’s going on in your network.
In response to increased compliance concerns and the need to protect against security breaches, more companies are implementing SIEM technology to more easily collect, correlate and analyze data and security alerts from a central location. But once a SIEM is in place, how can organizations be sure it remains effective over time? That’s where a detailed threat assessment comes in.
Privileged accounts represent one of the largest vulnerabilities an organization faces today in network security. It doesn’t matter if the accounts are compromised by an external attacker or a malicious insider. If privileged accounts are in the hands of an adversary, it is a very real and scary threat.
Infogressive’s Jeff Murphy provides feedback from SC Magazine’s article “Ransomware goes to Hollywood medical centre.”
For Hollywood Presbyterian Medical Center to have paid out over three million dollars in ransomware and suffered a week of downtime indicates a less-than-stellar cyber security posture.
Log analysis. It’s a thing. First reactions are probably going to be “Yuck,” “Make the new guy do it,” “Insert expletive here,” or the more common “Why? What broke now?”