The Hafnium Hits Keep Coming: Some Microsoft Exchange Servers Still Vulnerable
Earlier this year, the cybercartel that calls itself “Hafnium” leveled an attack exploiting vulnerabilities in Microsoft Exchange servers. Patches were released by Microsoft. Remediation steps were published. Known incidents were remediated. If everyone knew about and had access to information on identifying and fixing the problem, we should be looking at a closed case, right? On August 13, just as most people thought we were well past the Hafnium attack, a new related exploit was publicly identified by third parties as a potential vector for malicious PowerShell-related commands. The result? LockFile ransomware is being deployed to many organizations’ systems, and the question we are asking is, Why didn’t you update your servers? Of course, updating a complex system is never that simple, but this remains the central issue.
Read More
Responding to Ransomware Series Part IV: What We’re Doing Isn’t Working
It seems that ransomware attacks have skyrocketed amid the pandemic, likely due to increased use of remote work and increased attack surface, combined with new corporate-style models for ransomware cybercartels. While this trend has certainly affected a number of verticals, healthcare seems to have been hit particularly hard, with hospital resources accessible online.
Read More
Responding to Ransomware Series Part III: Addressing Our Collective Risk
You don’t need to be reminded of the 359,000 cybersecurity jobs in the U.S. that went unfilled last year due to a lack of trained, available talent. You’re probably already living that reality. On the one hand, your board is asking for better trained incoming cybersecurity resources who are also young enough (so the logic goes) to accept entry-level pay. On the other hand, reality has proven that even a talented but uncertified high school graduate can command $85-100K starting salary. We are at a bit of an impasse with supply and demand, and it’s yet another reason U.S. businesses are being taken to the cleaners by cybercartel ransomware attacks. If we want to make a serious dent in our collective risk profile, we have to grow our available trained workforce in every community, stat.
Read More
Remembering Ozzie Pena
It is with great sadness we share that on July 29, 2021 Osvaldo “Ozzie” Pena, a deeply beloved and long-term TRUE team member, lost his battle with COVID-19. As many of you know, Ozzie not only adored his own family and kept everything he touched running smoothly at work, but he also became like family to his TRUE teammates and many of our clients.
Read More
TRUE Spotlight: Pulling the Pieces Together with James Keiser
At TRUE, we have seen that successful alignment depends in great part on bridging the space between business strategy and technical execution. We constantly evaluate our clients’ progress and next steps in light of their goal. What’s working? What needs to be replaced? Our goal is to deliver more than just a network. We deliver a partnership. This week we’re highlighting someone who exemplifies that kind relationship in his role as a Technical Liaison Coordinator, James Kaiser. Even if you have your own IT Teams and don’t work with an IT service provider, looking at how James operates can help you think through ways to achieve the same kind of seamless, internal collaborations that James enables every day at TRUE.
Read More
Responding to Ransomware Series Part II : The (next) 4 Ransomware Trends You Were Hoping Never to See
Our goal with this series is to give you a clear, updated picture of what’s happening on the front lines, so you can evaluate your current security strategies and ensure you are truly prepared. In last week’s installation, Part I of our Responding to Ransomware series, we interviewed Kerry McQuarrie to learn the first four (4) trends in ransomware: the corporatization of cybercartels, a decrease in home ransomware, the return of spearphishing, and RAT/RDP attacks. This week, we are diving into trends 5-8.
Read More
Responding to Ransomware Series, Part I : 8 New Ransomware Trends You Need to Know About - An Interview with Kerry McQuarrie
Cyber criminals are doubling their efforts to take advantage of our economic recovery. Kerry McQuarrie serves as Senior Incident Response Engineer at TRUE and is a 20 year veteran of enterprise IT and Security. She is a certified forensics investigator, and every day Kerry mitigates live versions of the attacks you read about in news headlines. This is an interview with Kerry, to get the details you need, straight off the front lines.
Read More
Teamwork for the Win: A Technical Breakdown and Response to the Kaseya Attack
On Friday, July 2, the cybercartel REvil launched a supply chain attack on Kaseya VSA servers that reached scores of Managed IT Service Providers (MSPs), hundreds of their clients, and enterprise Kaseya users, spanning at least 17 countries. This week, our Senior Incident Response Engineer, Kerry McQuarrie, is giving you a breakdown of everything you need to know about the Kaseya attack.
Read More
Teams Can Do All That? How to Up Your Video Conferencing Game
The question most of us face when scheduling meetings now is not whether to meet in person or not, but which conferencing platform to use. Of all the options out there, Microsoft Teams is certainly one of the most preferred. In fact, if your organization uses Microsoft Office 365, you already have access to Microsoft Teams as part of your stack. Are you leveraging the app’s full potential, though? Teams has some tricks that can help you wring a bit more efficiency out of your meetings than you may have even realized was possible.
Read More
Monitoring Your DNS Can Prevent Credential Theft and Brand Disasters
DNS attacks can result in massive profit loss. The fact is, your DNS is an attractive target to attackers, and you need ongoing assurance that it’s secure. We are going to explore several common types of DNS attacks, as well as what you can do to catch them.
Read More