Threat Detection and Response : 5 Things You Need To Know About TDR Measures

Cyber security has become one of the biggest threats modern businesses face today. The number of data breaches in the U.S. hit an all-time high last year with 1,093 incidents reported, according to the Identity Theft Resource Center. This marked a 40 percent increase over breaches experienced in 2015. The rising quantity of attacks isn’t expected to slow anytime soon, and the growing sophistication of hackers’ techniques creates substantial problems for businesses.

Many organizations are tackling the issue head-on by increasing their security spending and implementing capable tools. Gartner predicted that worldwide security spending will exceed $113 billion by 2020, with threat detection and response (TDR) capabilities assuming the top priority. Let’s take a closer look at some of the most critical aspects you should know about threat detection and response:

1. Essential Assets Must Be Integrated

It’s good practice to ensure that mission-critical programs work well together to provide employees with the tools they need to effectively and efficiently complete tasks. However, this doesn’t always happen. Every solution has vendor-specific dashboards, logs and consoles that might not play well with other systems. This creates critical communication blind spots between essential assets, leaving the opportunity for attackers to strike. Microsoft noted that piecemeal approaches to essential infrastructure hamper security, and some threats can go undetected in these types of environments for 100 days.

If this sounds like your setup, it will be important to rethink your security ecosystem. Ensure that you’re developing your infrastructure around solutions that integrate and operate

Ransomware Focus : The Risks that the New Variants of Locky Ransomware Pose

Ransomware has been put on the front lines as a cyber security threat, and Locky was one of the first strains to set the standards for modern techniques. The variants that emerged in campaigns in August 2017 and the beginning of September have once again directed attention toward Locky ransomware and the risk it presents to unsuspecting victims. Let’s take a closer look at the new Locky campaigns and what businesses can do to protect themselves effectively from variants.

IKARUS Flies Past Defenses

On August 9, a new Locky variant became part of a large-scale, email-based campaign and managed to slip past some company defenses. IKARUSdilapidated, named from a text string found within the code of the malicious downloaded file, was sent to tens of thousands of inboxes in three days, Threatpost reported. The emails themselves contained little to no content, just the attachment. Because IKARUSdilapidated is still a new strain, it’s currently read as an “unknown file” and is allowed to enter organizations and secure inboxes.

If a user opens the document, they’ll see unusual text, along with the instruction to “Enable macro if data encoding is incorrect”. Users who follow this command will actually be saving and running a binary file that downloads the encryption trojan, enabling the ransomware to take over. This first wave of IKARUSdilapidated has been dubbed the Diablo variant. An infected system will have files renamed to a unique 16-letter and number combination with a “.diablo6” extension, according to BankInfoSecurity. The ransom demands

Faronics Tech Roundup – August in Review

No industry, country or business is safe from cyber security incidents. August saw several high profile network breaches, causing major damage to several organizations. Let’s take a look at some of the biggest news that happened this month.

Game of Leaks: HBO Breached

At the beginning of August, HBO experienced a massive network breach on a scale larger than Sony’s incident from 2014. At first, the attack only appeared to have affected show content from the network, including material from “Game of Thrones”, “Ballers” and “Room 104”. Upon further investigation, the situation was worse than initially thought. According to Engadget, hackers responsible for the breach also stole administrator passwords for HBO’s internal network, personal phone numbers for GoT actors and an archive of emails from the vice president for film programming. The attackers threatened to leak these files over the internet, demanding a ransom for their silence.

To add insult to injury, a group called OurMine hacked the social media accounts for HBO and several of the network’s shows. The group claimed to be simply testing the security and asked HBO to get in touch to upgrade its protection, BBC reported. OurMine has hacked high-profile Twitter accounts before, but it contributed to a long string of events for an already downed network.

UK Experiencing Cyber Difficulties

Digital transformation doesn’t come easy, and securing digital assets is an even taller order for many organizations. The U.K. found this out

Ransomware Attacks can be a Costly Proposition for SMBs

Nearly half of surveyed organizations experienced a ransomware attack in 2016, according to a study by Osterman Research. In March of that year alone, 56,000 ransomware infections plagued unsuspecting businesses. So far, 2017 has been another big year for ransomware attacks. WannaCry and NotPetya both impacted thousands of companies and users with seemingly no way out, sending IT professionals and business leaders into panic mode to resolve the issue. Fortunately, patches and other fixes were discovered to slow the spread of these strains, but it doesn’t negate the damage that was done.

Small- and medium-sized businesses (SMBs) can no longer afford to think that a ransomware attack won’t happen to them. As cyber threats continue to evolve, it will be critical to implement security measures that will prevent breaches and protect critical data. Ransomware attacks can be a costly proposition for SMBs, and it’s important that leaders understand just how much damage these methods can cause.

Size Doesn’t Matter – Your Data Does

Looking at some of the most publicized ransomware attacks, it can be easy to think that high-profile companies are most targeted by these methods. However, this complacency is dangerous, particularly when hackers are really only looking to make money from any company that needs to restore its data. The size of a business no longer matters to ransomware campaigns. Instead, malicious parties look to infect as many computers and networks as possible in the hopes of getting a quick payday – and

Enterprise Endpoint Security : 5 Warning Signs of a Possible Malware Breach

Malware has been around for decades, but the strains that current technology users face are considerably different from those seen years ago. According to industry research, a new malware specimen emerged every 4.6 seconds in 2016; in the first quarter of 2017, one emerged every 4.2 seconds. In 2014, when massive malware attacks like Heartbleed rocked the nation, nearly 1 million strains were released every day, according to CNN.

Attackers are working faster than companies can defend themselves, creating a significant problem in effectively detecting and preventing breaches. In fact, 70 percent of malware infections evade discovery by antivirus solutions, Tripwire reported. To make matters worse, of the 17,000 malware alerts the average enterprise receives per week, only 19 percent are considered reliable and 4 percent are investigated.

The more time it takes to identify and eliminate a malware threat, the more damaging and costly it will be. Let’s take a look at the five biggest warning signs that a malware attack has impacted your hardware:

1. Ransom Message

Ransomware is one of the most popular malware techniques used to attack business users. WannaCry and NotPetya were two in recent memory that impacted thousands of organizations across the world, causing many leaders to panic. While answers to both threats were eventually discovered, considerable damage was already done. Hackers are improving the packaging of their malware to appear legitimate and convince more people to download the malicious files.

A ransom is