Threat Report Wednesday April 1st 2020
Paul Scott on April 1, 2020
This week we’re covering: Another round of COVID-19 miscreants targeting healthcare organizations and using the pandemic as a lure A de-evolution in FIN7 tactics that move from phishing e-mails to phishing snail-mails Details on a critical vulnerability in a popular WordPress plugin that allows site hijacking Sodin Holding NEDA Ransom FBI report on Orangeworm RAT Kwampirs targeting healthcare On March 30, 2020, the FBI released new information on a Kwampirs Remote Access Trojan (RAT) campaign by Orangeworm (aka Gorgon Group) targeting healthcare.
Threat Report Thursday March 26th 2020
Paul Scott on March 26, 2020
It should be no surprise that hackers are breaking their promises. The World Health Organization, FedEx, and U.S. Human Health Services are being used in COVID-19 lures. In other hacking news, Russian FSB nabs 30 hackers in coordinated raids and the window of opportunity is open for two unpatched Windows code execution vulnerabilities being actively exploited. Threat actors using COVID-19 information as a lure The spread of coronavirus disease 2019 (COVID-19) has led to a change in the attack surface of many organizations.
Release Notes
March 24, 2020
Threat Report Thursday March 19th 2020
Paul Scott on March 19, 2020
In this week’s threat report, we’re covering a new capability in the evolution of Trickbot, critical vulnerabilities in Adobe Reader and Adobe Acrobat, a code execution proof of concept (PoC) for Joomla, and a blog post by Sodinokibi ransomware team that could shake up stock prices. Trickbot learns new RDP brute force trick On March 18, 2020, researchers identified a new module for Trickbot banking Trojan called “rdpScanDll.” This new module bruteforces the Remote Desktop Protocol (RDP) and targets a specific list of victims operating in the telecommunication, education, and financial services industries in the United States and Hong Kong.
Securing Remote Workers
Mike Riggs on March 17, 2020
Pandemic planning: it encompasses everything from continuity of operations planning all the way to how HR handles sick employees. I’ve been through several of these myself after 22 years in this biz, for educational institutions and banks before I joined Perch. In the beginning, I used to think they were silly exercises for events that were only theoretical (and why would it be any different than disaster recovery planning, right?). Pandemic planning has its own unique flavor when it comes to impact on your organization.
Perch Cliff Notes for the MSP
Michael Brands on March 16, 2020
Over the past year or two, the term MSP 2.0 has been used to signify the evolution of Managed Service Providers (MSP) to include more cybersecurity focused elements to help improve client security while continuing to drive monthly recurring revenue. On the surface, this certainly seems like a win-win for most Managed Services Providers, but simply including additional cybersecurity products and services in the MSP stack doesn’t necessarily equate to instant success.
Threat Report Thursday March 12th 2020
Paul Scott on March 12, 2020
In this issue of the usually weekly threat report, we’ve got some hot news. Keep on the lookout for a new worm on the heels of a SMBv3 buffer overflow, Microsoft disrupts the Necurs Botnet, hackers are actively exploiting Microsoft Exchange, and Magecart skims cards with a little help from Cloudflare. Let’s get this party started. SMBv3 Buffer Overflow breaks ground for new worm On March 10, 2020, Cisco Talos and Fortinet researchers leaked a new worm-able vulnerability in the Microsoft Server Message Block (SMB) protocol before Microsoft’s regular Patch Tuesday update cycle.
Release Notes
March 9, 2020
Release Notes
February 27, 2020
Perch Security named winner in Cybersecurity Excellence Awards 2020
Perchy on February 20, 2020
“Congratulations to Perch Security for being recognized as the Gold award winner in the following categories of Cyber Threat Intelligence, Intrusion Detection & Prevention, Managed Detection and Response (MDR), Security Monitoring, and Threat Detection, Intelligence and Response of the 2020 Cybersecurity Excellence Awards,” said Holger Schulze, CEO of Cybersecurity Insiders and founder of the 400,000-member Information Security Community on LinkedIn that jointly produce the awards program. “With over 500 entries in more than 90 award categories, the 2020 awards are highly competitive and all winners truly reflect the very best in today’s cybersecurity industry.
Subscribe to our blog