Network Security News | Ingalls Information Security

Articles of interest from the week of May 11, 2020

Written by John Frasier | May 11, 2020 8:07:00 PM

Cybersecurity and compliance: Vital priorities for MSPs and their clients

Cybersecurity and, to a lesser but growing extent, compliance are the most pressing priorities for MSPs and their customers this year, according to a Kaseya survey of 1,300 owners and technicians of MSP firms in more than 50 countries. (By Help Net Security) Ingalls: In our current, unprecedented climate, an outage can mean the end for a small business. So for MSPs, who are the IT backbone of these small businesses, there’s an urgent need to fill gaps in coverage. Companies need more cybersecurity support from their MSP partners. Ingalls has a Managed Service Provider (MSP) Channel program to help diversify MSP clients’ cybersecurity solutions and strategy in order to respond agilely to any threat that comes their way and maintain their livelihood.


Ransomware Attack Analysis - RYUK Post-Incident Review

The Emotet – TrickBot – Ryuk ransomware killchain is an advanced cybersecurity threat that organizations and cybersecurity professionals face. Understanding the specific techniques, tactics, and procedures (TTPs) that the threat actors who use these tools employ can provide vital insight into protecting against and responding to incidents. (By Cyrus Robinson, Ingalls Information Security) Ingalls: In our newest Research Paper, we explore evidence collected and analysis performed during real-world incident response efforts led by Ingalls Information Security.


DHS CISA and FBI share list of top 10 most exploited vulnerabilities

The report, authored by the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS CISA) and the Federal Bureau of Investigation (FBI), urges organizations in the public and private sector to apply necessary updates in order to prevent the most common forms of attacks encountered today. This includes attacks carried out by state-sponsored, non-state, and unattributed threat actors. (By Catalin Cimpanu, ZDNet) Ingalls: Check out our blog post that discusses the importance of patch management, and the benefits of a mature Vulnerability Lifecycle Management program.


PrintDemon: Print Spooler Privilege Escalation, Persistence & Stealth (CVE-2020-1048 & more)

We promised you there would be a Part 1 to FaxHell, and with today’s Patch Tuesday and CVE-2020-1048, we can finally talk about some of the very exciting technical details of the Windows Print Spooler, and interesting ways it can be used to elevate privileges, bypass EDR rules, gain persistence, and more. Ironically, the Print Spooler continues to be one of the oldest Windows components that still hasn’t gotten much scrutiny, even though it’s largely unchanged since Windows NT 4, and was even famously abused by Stuxnet (using some similar APIs we’ll be looking at!). It’s extra ironic that an underground ‘zine first looked at the Print Spooler, which was never found by Microsoft, and that’s what the team behind Stuxnet ended up using! (By Yarden Shafir & Alex Ionescu, Winsider Seminars & Solutions, Inc.)


Can Lady Gaga and Madonna get people to take cybersecurity seriously?

What does it take to get people to pay attention to cyber security? A celebrity law firm hack may hold some answers. (By Alex Scroxton, ComputerWeekly.com) Ingalls: Businesses can reduce the risk of a catastrophic breach like this one by taking a proactive, security-first stance and following industry best practices in designing and implementing their technology solutions. Let our cybersecurity experts help you secure your company's information in a personalized and efficient way with our cybersecurity and Managed Detection and Response services.