Exploits in the Wild for Citrix ADC and Citrix Gateway Vulnerability CVE-2019-19781

Overview: In December of 2019, the details of a critical vulnerability affecting certain versions of Citrix Application Delivery Controller (formerly known as NetScaler ADC) and Citrix Gateway servers were publicly disclosed. The Proficio Threat Intelligence Team posted information about the vulnerability and its exploits in our Twitter Feed and issued a security advisory to our […]
Takeaways from the 2019 Data Breach Investigations Report

The 2019 Data Breach Investigations Report was released in December and highlights the many aspects of data breaches and the frequency of their occurrence. In review, we find this gives us a great opportunity to reflect on what security teams should focus on in 2020. The Attackers: According to the report, about 1/3 of attacks originate from […]
Cybersecurity in the Next Decade – Proficio’s Projections for the 2020s

2019 was another busy year for cybersecurity professionals. There were more security incidents than in any previous year, and they included some of the largest breaches of all time. According to Forbes magazine, more than 4.1 billion records were compromised. Looking forward to the next decade, we expect cyber defenders to still face many challenges. […]
Goldilocks Security Operations Architecture: Finding the Perfect Balance for Your Security

Organizations today are aware of their cybersecurity risk, but many struggle to determine what is the best way to stay protected. Finding the right balance between using internal resources and outsourced managed services is the key to a successful cybersecurity program. But how do you weigh your need to control technology and operations with the […]
Security Overhaul: Migrating from a Legacy MSSP to a Splunk MDR Service Provider

Why Change? In the early 2000s, when Security Information and Event Monitoring systems (SIEMs) came onto the market, they were often expensive and complex to manage. But many organizations were required to collect, analyze and store security logs to meet compliance requirements, and a SIEM was the perfect tool for the job. Today most IT […]
The SOC Dilemma: Build, Buy or In Between?

IT security teams have a very difficult job, with an ever-changing threat landscape and the fact that a cyberattack only has to succeed once for an organization to be negatively affected. At the same time, most organizations are strapped for resources, especially when it comes to training and keeping experienced in-house security staff. A recent […]
Healthcare organizations and the cloud: Benefits, risks, and security best practices

Healthcare organizations are moving their business-critical applications and workloads to the cloud, and while there are many benefits (lower costs, added flexibility and greater scalability), there are also inherent risks that cannot be overlooked. Ensuring organizations’ sensitive data is being monitored and protected (24/7) is key and having analysts who clearly understand security in the cloud is […]
SIEM challenges: Why your security team isn’t receiving valuable insights

Today, many enterprises use security information and event management (SIEM) software to help detect suspicious activity on their networks. However, to be effective, organizations need to surround a SIEM with security experts, advanced use cases, threat intelligence, and proven processes to investigate and respond to threats. Misperceptions: Why not set and forget? Since a SIEM […]
When is it Time to Break Up with your #CyberSecurity Services Provider?

A cybersecurity services provider should be a trusted business partner and act as a true extension of an enterprise’s in-house security team. However, sometimes organizations are left feeling dissatisfied with the relationship they’ve forged with the services provider they’ve selected. There are several reasons the relationship may not be working out, and therefore it may be […]
What Your Business Needs to Know About How to Comply With the GDPR

Data security is a global problem that crosses all international borders, time zones and currencies. Cyber criminals based in one part of the world can freely target companies or individuals across the globe in a matter of seconds. Therefore, your organization’s cybersecurity posture must be agile and able to monitor, detect and respond to incoming […]
Extortion-based cyber attacks: The next evolution in profit-motivated attack strategies

Today, data breaches have impacted just about every industry possible. From entertainment to the restaurant industry, no sector or organization appears to be safe, and it has been predicted that cyberattacks are going to get even worse. Adding chaos to the mix: Recent high-profile ransomware attacks, such as WannaCry and NotPetya, demonstrated the continued global expansion of high-stakes […]
MDR or EDR. What’s right for you?

Targeted attacks are on the rise and often go undetected by traditional security solutions and methods. Endpoint Detection and Response (EDR) companies like CrowdStrike, Carbon Black, CounterTack, and a new up-and-coming company, ZitoVault, have solutions that can stop targeted attacks in their tracks. Why EDR? Customized malware can bypass traditional antivirus solutions, so […]