Tag: SOC
The SOC case files: Play ransomware targets manufacturing firm
Incident summary A U.S.-based manufacturing company was recently targeted by the Play ransomware group in the early hours of the morning. The attackers broke into an under-protected domain controller at 1:00 am. At 3:20 a.m. the gang attempted to execute...
Tales from the security operations center (SOC)
With the frequency and variety of cyberattacks increasing daily, the need for comprehensive security measures has never been more critical. For analysts staffing a security operations center (SOC) for a global extended detection and response (XDR) service, each day brings...
Essential tips and strategies for protecting against ransomware
In September, MGM Resorts faced system outages (affecting hotel room keycard systems and slot machines) and service disruptions at its Las Vegas properties. Caesars Entertainment also reported suffering a data breach that revealed its loyalty program members’ Social Security and driver’s license...
Threat Spotlight: Reported ransomware attacks double as AI tactics take hold
In 2023, artificial intelligence and generative AI have dominated headlines, and their impact is starting to make its mark on ransomware attacks ― for example with AI-enhanced phishing attacks to gain access to target networks and AI-powered automation for greater reach. Over...
What today’s customers expect from their MSPs
For managed services providers (MSPs) to stay competitive, they must anticipate their customers’ needs. This may have been a little easier in the past because there were standard sets of services and capabilities that many clients were looking for when...
Cybersecurity Threat Advisory: New FortiNAC critical vulnerability update released
A critical remote code execution vulnerability (CVE-2023-33299) with a CVSS score of 9.6 has been discovered in Fortinet’s FortiNAC product. This vulnerability poses a significant risk as it could allow an unauthenticated user to execute unauthorized code or commands by...
5 Levels of security operations center maturity
For MSPs that offer cybersecurity services, the security operations center (SOC) has emerged as a critical strategy for protecting client networks. While security software tools can help prevent some types of attacks, the SOC offers the threat detection, investigation and...
Why XDR is essential for MSPs
With the rise in cyberattacks continuing to accelerate, and the complexity of those attacks increasing, managed services providers (MSPs) and managed security services providers (MSSPs) can potentially provide much-needed support for embattled IT departments. However, service providers face the same...
Strengthening Barracuda XDR’s threat intelligence with MISP
Threat intelligence is the fuel that drives the effectiveness of an XDR and a Security Operations Center (SOC). Having a comprehensive collection of threat intelligence can drive down the number of false-positive alerts, enhance threat detection capabilities, and enrich SOC...
Cybersecurity Threat Advisory: EvilExtractor malware surge detected
EvilExtractor malware has spiked in Europe and the US. EvilExtractor is distributed through phishing campaigns and can harvest various types of data, including browser history, passwords, and cryptocurrency wallets. This is a concern because of the malware’s ability to evade...
