The Difference Between An MSSP and An MDR Service Provider

What is the difference between an MSSP and an MDR service provider (and everything in between)? As any industry evolves, it is common for new categories of products and services to proliferate. In the case of cybersecurity services, many of the new services have been introduced to respond to the evolving threat landscape or to […]
Hafnium – Microsoft Exchange Server 0-Day Vulnerability

OVERVIEW | 0-day As early as January 6, 2021, multiple Microsoft Exchange 0-day vulnerabilities had been publicly disclosed. These 0-day vulnerabilities were found to be actively exploited by the threat group Hafnium. This appears to be a nation-state attack that is currently targeting as many as 30,000 organizations in the United States and hundreds of […]
2020 Threat Hunting Campaigns and the Lessons Learned

Society has learned a lot of lessons in 2020. While many may focus on the COVID-19 pandemic, it’s fair to say that cybersecurity faced its share of challenges too – especially with many organizations being thrust into a remote working environment. For Proficio’s Threat Intelligence team, we had to face a slew of new threats, […]
Key Takeaways from the SolarWinds Compromise

FireEye has recently released a detailed report on a global supply chain cyber-espionage campaign that utilizes compromised SolarWinds Orion software updates to distribute a backdoor codenamed “SUNBURST” by FireEye. This particular campaign was announced by FireEye to be associated with a breach reported earlier on the 8th of December 2020, where it was revealed that […]
Phishing in the Wild II

OVERVIEW Phishing events are commonly seen in the public, so Proficio’s threat intelligence team often receives opportunities to research different types of phishing activities. On the 13th November 2020, a client requested assistance with a phishing incident that had occurred within their environment. In this blog, we share some of the findings […]
Cybersecurity in a Work from Anywhere (WFX) Environment

In 2020, thanks in large part to the COVID-19 virus, the work environment in Europe has shifted, with remote working leading the way. This presents many challenges for IT and security teams as they now must deal with an increase in cyberattacks in a less secure environment. As the UK and other European countries enter […]
ENISA Report Highlights: Guidelines for Securing the IoT

Over the past four years, I’ve been fortunate enough to contribute to several papers produced by the European Union Agency for Cybersecurity (ENISA). ENISA was started in 2004 as a place for industry experts to partner and work together towards the common goal of making Europe more cyber secure. The Agency works closely with both […]
Ryuk Ransomware

OVERVIEW Ryuk ransomware was first discovered in the wild in 2018. It is known for using manual hacking techniques and open-source tools to move laterally through private networks and gain administrative access to as many systems as possible before initiating the file encryption. This ransomware group was one that did not stop attacks on healthcare […]
Typeform Phishing Campaign

OVERVIEW In recent years, phishing campaigns have come in different types and forms. The attackers are known to utilize free online tools and a variety of methods in the hope of harvesting credentials from the victims. On 16 August 2020, a relatively new spear-phishing campaign was detected which appears to utilize a free online tool – […]
Europe’s 2020 Cybersecurity Evolution: Securing Teleworkers

How cybersecurity of organisations in Europe will change and adapt with teleworking and the migration to the cloud When 2020 arrived, no-one could have predicted nor expected the drastic changes that we are seeing in the light of the COVID-19 pandemic. Not only has the pandemic changed cybersecurity, it has also created a huge paradigm […]
5 Reasons MITRE Framework is Being Adopted by the Industry

Since the MITRE ATT&CK framework was released in 2013, it has become widely used by cybersecurity teams. Built to be complementary to other frameworks, like the Lockheed Martin Cyber Kill Chain, the ATT&CK method (Adversarial Tactics, Techniques & Common Knowledge) was created to be a “foundation for the development of specific threat models and methodologies”. […]
5 Strategies to Stretch Your Cybersecurity Budget

More than ever before, organizations are asking their cybersecurity teams to find savings, delay expenditures and get more value from their budgets. While pushing vendors for price concessions, decreasing pay, or even laying off employees are options, IT leaders should use the pandemic as an opportunity to rethink their overall approach and find sustainable strategies to […]