“Voicemail” Phishing Campaign
OVERVIEW On February 28th, the Proficio Threat Intelligence Team identified a new spear-phishing campaign that pretends to be sending a voicemail to targeted recipients. In this blog, we share some of the findings from our deep-dive investigations into the attack activities that we have observed for this campaign. PHISHING DETAILS The attack starts with a […]
Cybersecurity in the World of COVID-19
People around the world are grappling with the new reality of COVID-19 which is drastically changing the way organizations do business. From protecting employee and customer health to maintaining operational and economic resilience, we are challenged with finding ways to keep business running smoothly – and safely – in this new normal. For IT leaders, […]
Mailto and Mailto-2 Ransomware
OVERVIEW In October of 2019, a group of relatively new ransomware strains called Mailto and Mailto-2 were found in the wild. These two ransomware types were also known as “Kokoklock” and “Kazkavkovkiz” where the names have been used interchangeably with no clear definitions at this point of time. This ransomware group gained attention with the […]
Focusing on Big Rocks: A Cybersecurity Strategy for Success
The Big Rocks of Cybersecurity Strategy: As a seasoned cybersecurity leader, I’ve traveled 200,000 miles a year, engaging with CIOs and CISOs worldwide. One common theme resonates with them all: focusing on the “big rocks” of cybersecurity. In this post, we’ll explore what these big rocks are and how Proficio’s Managed Detection and Response (MDR) […]
Exploits in the Wild for Citrix ADC and Citrix Gateway Vulnerability CVE-2019-19781
OVERVIEW In December of 2019, the details of a critical vulnerability affecting certain versions of Citrix Application Delivery Controller (formerly known as NetScaler ADC) and Citrix Gateway servers were publicly disclosed. The Proficio Threat Intelligence Team posted information about the vulnerability and its exploits in our Twitter Feed and issued a security advisory to our […]
Takeaways from the 2019 Data Breach Investigations Report
The 2019 Data Breach Investigations Report was released in December and highlights the many aspects of data breaches and frequency of their occurrence. In review, we find this gives us a great opportunity to reflect on what security teams should focus on in 2020. The Attackers According the report, about 1/3 of attacks originate from […]
Cybersecurity in the Next Decade – Proficio’s Projections for the 2020s
2019 was another busy year for cybersecurity professionals. There were more security incidents than in any previous year, and they included some of the largest breaches of all time. According to Forbes magazine more than 4.1 billion records were compromised. Looking forward to the next decade, we expect cyber defenders to still face many challenges. […]
Goldilocks Security Operations Architecture: Finding the Perfect Balance for Your Security
Organizations today are aware of their cybersecurity risk, but many struggle to determine what is the best way to stay protected. Finding the right balance between using internal resources and outsourced managed services is the key to a successful cybersecurity program. But how do you weigh your need to control technology and operations with the […]
Security Overhaul: Migrating from a Legacy MSSP to a Splunk MDR Service Provider
Why Change? In the early 2000s, when Security Information and Event Monitoring systems (SIEMs) came onto the market, they were often expensive and complex to manage. But many organizations were required to collect, analyze and store security logs to meet compliance requirements, and a SIEM was the perfect tool for the job. Today most IT […]
The SOC Dilemma: Build, Buy or In Between?
IT security teams have a very difficult job, with an ever-changing threat landscape and the fact that a cyberattack only has to succeed once for an organization to be negatively affected. At the same time, most organizations are strapped for resources, especially when it comes to training and keeping experienced in-house security staff. A recent […]
Healthcare organizations and the cloud: Benefits, risks, and security best practices
Healthcare organizations are moving their business-critical applications and workloads to the cloud, and while there are many benefits (lower costs, added flexibility and greater scalability), there are also inherent risks that cannot be overlooked. Ensuring organizations’ sensitive data is being monitored and protected (24/7) is key and having analysts who clearly understand security in the cloud is […]
SIEM challenges: Why your security team isn’t receiving valuable insights
Today, many enterprises use security information and event management (SIEM) software to help detect suspicious activity on their networks. However, to be effective organizations need to surround a SIEM with security experts, advanced use cases, threat intelligence, and proven processes to investigate and respond to threats. Misperceptions: Why not set and forget? Since a SIEM […]