Articles of interest from the week of June 8, 2020

Helping Remote Workers Overcome Remote Attacks

Because remote workers’ devices are all connected to a home network, they don’t even need to be attacked directly. Instead, attackers have multiple avenues of attack that can be exploited. (By Derek Manky, Threatpost) Ingalls: Most of the time when we get called into a cybersecurity emergency by a breach victim, we spend a lot of effort just trying to understand the environment. Having an inventory of systems, applications, and data is a very important part of managing cybersecurity risk. It can take some time to complete, but an accurate inventory that is maintained can be invaluable during investigations. Visit our blog post, Foundational Control: Create And Maintain A Hardware And Software Inventory, to learn more.

Honda Hacked: Japanese Car Giant Confirms Cyber Attack On Global Operations

Global operations at the Japanese car manufacturer Honda have been disrupted by a confirmed cyber attack. In a tweet posted June 8, the Honda Automobile Customer Service Twitter account said that both customer service and financial services networks were "experiencing technical difficulties and are unavailable." (By Davey Winder, Forbes)  Ingalls: Ransomware has become a serious threat to businesses of all sizes and industries, and traditional security practices are no longer strong enough to protect your business: early detection and response is key. Are you prepared to defend against ransomware?

NetWalker Ransomware: No Respite, No English Required

The operators behind NetWalker (aka Mailto) ransomware have proven time and time again that they do not hold back. In a time where even some of the most active ransomware-centric actors are backing off from attacking medical targets due to the COVID-19 pandemic, NetWalker ransomware continues to attack them. The ransom demands are steep and almost guarantee that the victim will choose to be uncooperative, leading to the victim’s data being leaked publicly. (By Jim Walter, Sentinel Labs)  Ingalls: Prevention is the only the cure for threats like NetWalker. The four pillars of traditional IT Risk Management (firewalls, anti-virus, patch management, and backup) are no longer enough to mitigate the risk from today’s cybersecurity threats like ransomware. Our cybersecurity experts can help secure your company's information in a personalized and efficient way with our cybersecurity and Managed Detection and Response services.

Microsoft Patch Tuesday, June 2020 Edition

Microsoft Tuesday released software patches to plug at least 129 security holes in its Windows operating systems and supported software, by some accounts a record number of fixes in one go for the software giant. None of the bugs addressed this month are known to have been exploited or detailed prior to today, but there are a few vulnerabilities that deserve special attention — particularly for enterprises and employees working remotely. (By Krebs on Security) Ingalls: Enhancing your patch management process to include vulnerability scanning, a robust remediation workflow, and metrics-based decision support from data collection can do a lot more for your risk management than simply plugging holes whenever a software vendor produces a patch. In our downloadable “8 Effective Cybersecurity Controls For SMBs” guide we discuss how to do more with patch management, and the benefits of a mature Vulnerability Lifecycle Management program. If your business or a client needs expert cybersecurity risk management that includes Vulnerability Lifecycle Management, please contact us today to schedule an engagement with Ingalls Information Security! 

Attack Surface Area Larger Than Most Businesses Believe

Workers are not the only outside-the-perimeter security risk. Companies have a variety of vulnerable Internet-facing resources exposing their business to risk, study finds.. (By Robert Lemos, Dark Reading) Ingalls: Our Managed Detection and Response (MDR) service is designed for advanced detection, threat hunting, anomaly detection and response guidance utilizing a defense-in-depth approach which monitors and correlates network activity with endpoints, logs and everything in between.