Articles of interest from the week of June 15, 2020

Defending Your Budget: How to Show ROI of Cybersecurity Investments

Until recently, proving the ROI of security investment has not been a significant issue. Headlines pretty much did the job for us. Newspaper articles and online reports of the latest breach, ransomware or software vulnerability made it easier to justify the need for additional layers of security to reduce the risk of our own business becoming a future headline. But this was before we entered the new era of remote work we are in today. (By By Laurence Pitt, SecurityWeek) Ingalls: Our cybersecurity experts can help your team establish risk-based KPIs for security. Please contact us today if you would like to speak to one of our cybersecurity experts about how we can help secure your company's information in a personalized and efficient way with our cybersecurity and Managed Detection and Response services.

Most of the World's Most Popular Passwords Can Be Cracked in Under a Second

Passwords have turned into a necessary evil, particularly for people who use dozens or hundreds of apps, websites, and other services. Follow the usual rules and create a strong, complex password for each account, and there's no way for you to manage them all on your own. Break the rules and use the same weak passwords on all or most of your accounts, and you risk the threat of compromise from hackers. (By Lance Whitney, TechRepublic) Ingalls: Password complexity should be enforced across all user accounts. Attackers are using several different methods to find accounts with weak passwords and gain access to systems protected by them. Visit on blog post on how to make sure you have secure accounts and passwords to learn more.

Phishing Campaign Targeting Office 365, Exploits Brand Names

Researchers have discovered a sophisticated new phishing campaign that uses recognized brand names to bypass security filters as well as to trick victims into giving up Microsoft Office 365 credentials to gain access to corporate networks. (By Elizabeth Montalbano, Threatpost) Keep your employees on the lookout for signs of social engineering. Click here for a detailed Social Engineering Red Flags PDF courtesy of KnowBe4.

Black Kingdom Ransomware Hacks Networks With Pulse VPN Flaws

Operators of Black Kingdom ransomware are targeting enterprises with unpatched Pulse Secure VPN software or initial access on the network, security researchers have found. The malware got caught in a honeypot, allowing researchers to analyze and document the tactics used by the threat actors. (By Ionut Ilascu, BleepingComputer) Ingalls: Check out our blog post that discusses the importance of patch management, and the benefits of a mature Vulnerability Lifecycle Management program. If you ever have to deal with a ransomware attack, we have another blog that offers some insight when thinking through the Ransomware payment question.

Stuck Between a Data Breach and a Ransom

2020 will be remembered for a whole host of reasons. Campfire stories will be told to grandchildren of when we all had to wear face masks, stand 2 meters apart and were not allowed to hug or shake hands. For those who hunt cybercriminals and attempt to shine a light on notoriously shady hacking operations, the blurring of the lines between what constitutes a ransomware attack and data breach will be the chosen campfire horror story, starting with the Maze ransomware. The gang behind the malware’s distribution saw an opportunity it could not ignore when forcing victims to pay the ransom. Ingenious in its simplicity and dastardly in the extra stress it would cause business leaders, the gang threatened to release stolen data if the initial ransom demanded to decrypt encrypted files was not paid promptly. Soon, these threats became reality. (By Tomas Meskauskas, Security Boulevard) Ingalls: Ransomware has become a serious threat to businesses of all sizes and industries, and traditional security practices are no longer strong enough to protect your business: early detection and response is key. Are you prepared to defend against ransomware?