Cyber risk and advisory programs that identify security gaps and build strategies to address them.
MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Be protected by the best from Day 1.
24/7 Threat Investigation and Response.
Expert hunting, research and content.
Defend brute force attacks, active intrusions and unauthorized scans.
Safeguard endpoints 24/7 by isolating and remediating threats to prevent lateral spread.
Investigation and enhanced threat detection across multi-cloud or hybrid environments.
Configuration escalations, policy and posture management.
Detects malicious insider behavior leveraging Machine Learning models.
Customer testimonials and case studies.
Stories on cyberattacks, customers, employees, and more.
Cyber incident, analyst, and thought leadership reports.
Demonstrations, seminars and presentations on cybersecurity topics.
Information and solution briefs for our services.
MITRE ATT&CK Framework, Cybersecurity Assessment, SOC Calculator & more
On June 15, 2015, we sent an advisory regarding targeted social engineering/phishing attacks of elevated sophistication attempting to engineer fraudulent wire transfers across our clients. Since then, media reports have created better visibility into these types of attacks. On August 27, 2015 Brian Krebs (of krebsonsecurity.com) posted a summary of an FBI news release: (http://krebsonsecurity.com/2015/08/fbi-1-2b-lost-to-business-email-scams/).
Despite additional visibility and media coverage, these attacks continue to find success.
Over the past two months, we have analyzed over a dozen of these recent attack attempts within our client base, and have additional details to share:
As these types of attack rely upon tricking people with email content and contains no technical exploits, there are very few technical remedies. However, we recommend the following additional options:
All should watch the three most common Neuro-Linguistic Programming (NLP) techniques attackers use to gain information:
For example, a false request might look as though the CEO of the company has sent an urgent request to have money transferred, however they are in a board meeting and request that they are not disturbed. Existence of any two of these three NLP characteristics may indicate a potential fraud situation and should require further critical analysis.
We also recommend the following out-of-band verification methods:
Get notified when there's a new security advisory, and receive the latest news, intel and helpful tools & assets. You can unsubscribe anytime.