Tag: SOC

SOC files
The SOC case files: Play ransomware targets manufacturing firm

The SOC case files: Play ransomware targets manufacturing firm

Incident summary A U.S.-based manufacturing company was recently targeted by the Play ransomware group in the early hours of the morning. The attackers broke into an under-protected domain controller at 1:00 am. At 3:20 a.m. the gang attempted to execute...

/ November 21, 2024 / 5 Comments
Tales from the security operations center (SOC)

Tales from the security operations center (SOC)

With the frequency and variety of cyberattacks increasing daily, the need for comprehensive security measures has never been more critical. For analysts staffing a security operations center (SOC) for a global extended detection and response (XDR) service, each day brings...

/ July 4, 2024
Essential tips and strategies for protecting against ransomware

Essential tips and strategies for protecting against ransomware

In September, MGM Resorts faced system outages (affecting hotel room keycard systems and slot machines) and service disruptions at its Las Vegas properties. Caesars Entertainment also reported suffering a data breach that revealed its loyalty program members’ Social Security and driver’s license...

/ November 16, 2023
Threat Spotlight: Reported ransomware attacks double as AI tactics take hold

Threat Spotlight: Reported ransomware attacks double as AI tactics take hold

In 2023, artificial intelligence and generative AI have dominated headlines, and their impact is starting to make its mark on ransomware attacks ― for example with AI-enhanced phishing attacks to gain access to target networks and AI-powered automation for greater reach. Over...

/ August 2, 2023
What today’s customers expect from their MSPs

What today’s customers expect from their MSPs

For managed services providers (MSPs) to stay competitive, they must anticipate their customers’ needs. This may have been a little easier in the past because there were standard sets of services and capabilities that many clients were looking for when...

/ July 31, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New FortiNAC critical vulnerability update released

Cybersecurity Threat Advisory: New FortiNAC critical vulnerability update released

A critical remote code execution vulnerability (CVE-2023-33299) with a CVSS score of 9.6 has been discovered in Fortinet’s FortiNAC product. This vulnerability poses a significant risk as it could allow an unauthenticated user to execute unauthorized code or commands by...

/ June 27, 2023
5 Levels of security operations center maturity

5 Levels of security operations center maturity

For MSPs that offer cybersecurity services, the security operations center (SOC) has emerged as a critical strategy for protecting client networks. While security software tools can help prevent some types of attacks, the SOC offers the threat detection, investigation and...

/ June 7, 2023 / 9 Comments
Why XDR is essential for MSPs

Why XDR is essential for MSPs

With the rise in cyberattacks continuing to accelerate, and the complexity of those attacks increasing, managed services providers (MSPs) and managed security services providers (MSSPs) can potentially provide much-needed support for embattled IT departments. However, service providers face the same...

/ May 4, 2023
Strengthening Barracuda XDR’s threat intelligence with MISP

Strengthening Barracuda XDR’s threat intelligence with MISP

Threat intelligence is the fuel that drives the effectiveness of an XDR and a Security Operations Center (SOC). Having a comprehensive collection of threat intelligence can drive down the number of false-positive alerts, enhance threat detection capabilities, and enrich SOC...

/ April 27, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: EvilExtractor malware surge detected

Cybersecurity Threat Advisory: EvilExtractor malware surge detected

EvilExtractor malware has spiked in Europe and the US. EvilExtractor is distributed through phishing campaigns and can harvest various types of data, including browser history, passwords, and cryptocurrency wallets. This is a concern because of the malware’s ability to evade...

/ April 27, 2023