Details on Threat Group That Claims to Have Obtained President Trump’s Legal Documents

REvil/Sodinokibi Ransomware. OVERVIEW: The REvil/Sodinokibi threat group has taken ransomware attacks to a new level. While most variants, like the recent strain of DoppelPaymer ransomware, encrypt victims’ files, Proficio’s Threat Intelligence Team has seen an uptick of strains that also steal data to further pressure victims into paying ransoms. This group, infamously known as the […]
Not All Partnerships are Equal

As Henry Ford once said, “Coming together is the beginning. Keeping together is progress. Working together is success.” While many people have an understanding of how partnerships work in their day-to-day lives, defining a true partnership in a business relationship can be more challenging. In the field of cybersecurity, finding a “true partner” means you […]
Preparing for Tomorrow: Cybersecurity in a Remote World

This article originally appeared in InfoSecurity Magazine. The world is adjusting to a new reality. While working from home may be the norm for many tech companies, organizations of all shapes and sizes are now faced with the unique challenges that come from remote employees, trying to navigate how to secure their networks in an […]
“Voicemail” Phishing Campaign

OVERVIEW: On February 28th, the Proficio Threat Intelligence Team identified a new spear-phishing campaign that pretends to be sending a voicemail to targeted recipients. In this blog, we share some of the findings from our deep-dive investigations into the attack activities that we have observed for this campaign. PHISHING DETAILS: The attack starts with a […]
Cybersecurity in the World of COVID-19

People around the world are grappling with the new reality of COVID-19 which is drastically changing the way organizations do business. From protecting employee and customer health to maintaining operational and economic resilience, we are challenged with finding ways to keep business running smoothly – and safely – in this new normal. For IT leaders, […]
Mailto and Mailto-2 Ransomware

OVERVIEW: In October of 2019, a group of relatively new ransomware strains called Mailto and Mailto-2 were found in the wild. These two ransomware types were also known as “Kokoklock” and “Kazkavkovkiz”; the names have been used interchangeably, with no clear definitions at this point in time. This ransomware group gained attention with the […]
Focusing on Big Rocks: A Cybersecurity Strategy for Success

The Big Rocks of Cybersecurity Strategy: As a seasoned cybersecurity leader, I’ve traveled 200,000 miles a year, engaging with CIOs and CISOs worldwide. One common theme resonates with them all: focusing on the “big rocks” of cybersecurity. In this post, we’ll explore what these big rocks are and how Proficio’s Managed Detection and Response (MDR) […]
Exploits in the Wild for Citrix ADC and Citrix Gateway Vulnerability CVE-2019-19781

OVERVIEW: In December of 2019, the details of a critical vulnerability affecting certain versions of Citrix Application Delivery Controller (formerly known as NetScaler ADC) and Citrix Gateway servers were publicly disclosed. The Proficio Threat Intelligence Team posted information about the vulnerability and its exploits in our Twitter Feed and issued a security advisory to our […]
Takeaways from the 2019 Data Breach Investigations Report

The 2019 Data Breach Investigations Report was released in December and highlights the many aspects of data breaches and the frequency of their occurrence. In review, we find this gives us a great opportunity to reflect on what security teams should focus on in 2020. The Attackers: According to the report, about 1/3 of attacks originate from […]
Cybersecurity in the Next Decade – Proficio’s Projections for the 2020s

2019 was another busy year for cybersecurity professionals. There were more security incidents than in any previous year, and they included some of the largest breaches of all time. According to Forbes magazine more than 4.1 billion records were compromised. Looking forward to the next decade, we expect cyber defenders to still face many challenges. […]
Goldilocks Security Operations Architecture: Finding the Perfect Balance for Your Security

Organizations today are aware of their cybersecurity risk, but many struggle to determine what is the best way to stay protected. Finding the right balance between using internal resources and outsourced managed services is the key to a successful cybersecurity program. But how do you weigh your need to control technology and operations with the […]
Security Overhaul: Migrating from a Legacy MSSP to a Splunk MDR Service Provider

Why Change? In the early 2000s, when Security Information and Event Monitoring systems (SIEMs) came onto the market, they were often expensive and complex to manage. But many organizations were required to collect, analyze and store security logs to meet compliance requirements, and a SIEM was the perfect tool for the job. Today most IT […]