Articles of interest from the week of July 6, 2020

US Secret Service Reports an Increase in Hacked Managed Service Providers (MSPs)

The US Secret Service sent out a security alert last month to the US private sector and government organizations warning about an increase in hacks of managed service providers (MSPs). US Secret Service says hackers are breaching MSPs to orchestrate ransomware attacks, point-of-sale intrusions, and business email compromise (BEC) scams. (By Catalin Cimpanu, ZDNet) Ingalls: In our current, unprecedented climate, an outage can mean the end for a small business. So for MSPs, who are the IT backbone of these small businesses, there’s an urgent need to fill gaps in coverage. Companies need more cybersecurity support from their MSP partners.Ingalls has a Managed Service Provider (MSP) Channel program to help diversify MSP clients’ cybersecurity solutions and strategy in order to respond agilely to any threat that comes their way and maintain their livelihood.

Ransomware + Exfiltration + Leaks = Data Breach

Ransomware-wielding attackers continue to pummel organizations. But labeling these as being just ransomware attacks often misses how much these incidents involve serious network intrusions, exfiltration of extensive amounts of data, data leaks and, as a result, reportable data breaches. (By Mathew J. Schwartz, BankInfoSecurity) Ingalls: We are a specialized, cyber defense company with a mission to prevent and respond to data security breaches. Our consultants, analysts, and engineers are certified and experienced professionals with diverse backgrounds ranging from military and defense intelligence, network security, and information technology, giving us domain dominance and a leading edge in cyber defense. Our Managed Detection and Response (MDR) service is designed for advanced detection, threat hunting, anomaly detection and response guidance utilizing a defense-in-depth approach. We do this by utilizing the very latest in cloud, big data analytics technology, and machine learning along with the cybersecurity industry’s leading incident response team, to identify threats to your environment. If you’d like to learn more, please download our MDR Guide or contact us here. One of our cybersecurity experts will be more than happy to assist you and answer any questions you may have.

ConnectWise Partners Hit By Ransomware Via Automate Flaw

Multiple ConnectWise partners have had their customers hit with ransomware through a software flaw that the company revealed last week with one having several end users compromised, according to a source who spoke on condition of anonymity. (By O’Ryan Johnson, CRN)  Ingalls: Whether your incident is the result of a hacker, ransomware, advanced persistent attack or a negligent employee, Ingalls Information Security is prepared to respond quickly to security incidents with our incident response team. Our certified security and forensic experts can help you contain the situation and determine your next steps. We also offer IR Retainers (24 Hour Response)
with guaranteed access to our Incident Response team.

70% of Organizations Experienced a Public Cloud Security Incident in the Last Year

70% of organizations experienced a public cloud security incident in the last year – including ransomware and other malware (50%), exposed data (29%), compromised accounts (25%), and cryptojacking (17%). (By Help Net Security) Ingalls: We have responded to many different types of data breaches. We have witnessed organizations who had no plan or coordination struggle to effectively recover, and we've provided the necessary crisis management and technical capabilities to fix these issues and get our clients back to normal operations as efficiently as possible.  If your organization is suffering a breach and you need assistance, call our emergency 24x7 hotline at 888-860-0452.

Hackers Hide Phishing Links Inside .ics Calendar Invitations

Threat actors are finding innovative methods to phish people into clicking/downloading malicious links or entering sensitive information on fake forms. In a recent security discovery, the Cofense Phishing Defense Center (PDC) found that cybercriminals are using calendar invitations to launch phishing attacks. (By CISOMAG) Ingalls: This is a good example of why you need end point protection. Our Managed Detection and Response (MDR) service is designed for advanced detection, threat hunting, anomaly detection and response guidance utilizing a defense-in-depth approach which monitors and correlates network activity with endpoints, logs and everything in between.