Articles of interest from the week of October 12, 2020

Emotet Spoofs DNC in New Attack Campaign

A new Emotet attack campaign impersonates the Democratic National Committee (DNC) to convince victims to open a malicious document containing macros to download and install the malware. (By Dark Reading) Ingalls: At a time when cybersecurity is more strategic to businesses than ever before, determining one’s cybersecurity risk management strategy is crucial. Our Master Risk Control: Pick A Cybersecurity Risk Management Strategy blog post provides some valuable insight on the different options..

COVID-19 Related Emails Remain Prevalent in Phishing Campaigns

Coronavirus-related email subjects continue to dominate phishing campaigns, remaining the primary threat, with more than half of phishing emails containing some information related to the COVID-19 pandemic. Phishing campaigns represent a primary attack vector for cybercriminals looking to steal personal information or infect devices with malware. The pandemic proved to be a gold mine for these criminals, as people’s thirst for information regarding this subject increase from one day to the next.  (By: Silviu Stahie, Bitdefender)  Ingalls: Our Managed Detection and Response (MDR) service is designed for advanced detection, threat hunting, and response guidance. Unlike a traditional Managed Security Service Provider (MSSP), our service is geared toward proactive prevention. This includes our in-house Phishing Email Helpdesk (PEH) where we analyze your suspicious email and provide you with detailed recommendations.

Businesses Lack a Workable Ransomware Recovery Strategy

More than a third of businesses do not have a ransomware emergency plan in place or are not aware if one exists within their company. “It is imperative, now as ever, to ensure your organization has processes and procedures in place to mitigate the impact of any cyber-attack and protect sensitive data,” said Philip Bridge, president of Ontrack. (By: Dan Raywood, Infosecurity Magazine).   Ingalls: No one plans to fail; however, failing to plan will often lead to a disaster when it comes to cybersecurity risk management. Our experience in preparing the right plan for your organization can mean the difference between resolving a serious problem with little to no impact or having a minor issue balloon into shareholder lawsuits, regulatory fines, and other nightmares. Contact us today to discuss how you can prepare for successfully managing a cybersecurity crisis by having the right Incident Response Plan.

Microsoft Office 365 Accounts a Big Target for Attackers

Just as they did with PowerShell for Windows, threat actors are abusing native O365 capabilities for lateral movement, command-and-control communication, and other malicious activity. With more than 258 million active users users per month, Microsoft's Office 365 environment — like several other Microsoft technologies — has become a popular target for attackers. (By: Jai Vijayan, Dark Reading). Ingalls: The current data breach landscape speaks to the critical need for businesses to take a proactive approach to cybersecurity in order to be positioned for early detection and fast response. To help fight cyberattacks, Ingalls’ offers Managed Detection and Response (MDR), our MDR offers advanced anomaly detection, threat hunting and sophisticated response guidance utilizing a defense-in-depth approach.

Cybercriminals Have Shifted Their Attack Strategies. Are You Prepared?

Recent threat research shows that during the first six months of 2020, cybercriminals adapted their usual attack strategies to take advantage of the global pandemic and target the expanded attack surface created by the dramatic shift to remote workers. Understanding this trend is critical for security teams tasked with identifying threats and properly securing networks. (By: John Maddison, Security Week) Ingalls: We believe it is important that there are affordable and effective cybersecurity solutions for organizations of every size. We offer best-in-class information security solutions suitable for the largest enterprise companies at a price point that is affordable for SMBs. Request a demo for your company today.