Ransomware cyberattack takes down Norwegian aluminum company’s entire worldwide operations

Norsk Hydro’s Ransomware cyberattack

A major ransomware cyberattack that has taken down the Norsk Hydro’s entire worldwide network, affecting operations, worldwide production, and their 35,000 employees. Executive briefing The situation is quite severe. Our entire worldwide network is down. IT-systems in most business areas are impacted, and the company has switched to manual operations where possible. There have been Read More »

Threat actors exploiting trust relationships with IT Service Providers

threat-actors-exploiting-trust-relationships-with-IT-service-providers

Most businesses, especially Small-Mid-size Businesses (SMB), outsource their IT to Managed Service Providers (MSP) to manage their network, servers, desktops, peripherals, and A/V needs. Most SMBs expect the MSPs to provide security coverage along with IT Support. Typically, MSPs manage hundreds of networks and provide two shifts of services and maintenance activities. IT Service providers Read More »

Business E-mail Compromise (BEC) Scam $12B in 5 years

Business-E-mail-Compromise-scams

Business E-mail Compromise scams A spear phishing hacking group, working out of the United Kingdom and Nigeria, has been using business email compromise (BEC) scams and have stolen more than $12 million. This group targeted small and midsize businesses from various industry groups such as manufacturers, hotels, universities, cloud service operators, and so on. This Read More »

SamSam Ransomware — What is this and How to defend?

Samsam Ransomware

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued an alert for SamSam ransomware to describe how hackers armed with SamSam targeted multiple industries. The U.S. Justice Department has charged two Iranian nationals as the masterminds behind the recent SamSam ransomware attacks. The cyber kidnappers behind SamSam ransomware attacks in Atlanta and Colorado earlier Read More »

Ascent InfoSec in the Top 100 MSSPs for 2018

Ascent InfoSec Top MSSP

Ascent InfoSec, the cybersecurity practice of Ascent Innovations LLC, is one of the Top 100 Managed Security Services Providers according to the research that evaluates MSSPs globally and 80 of these firms are based in United States. The Managed Security services span various technologies such as Firewalls, IDS/IPS, Web & Email gateways, Advanced Threat Defense, Read More »

Reduce Exposure Time: Managed Detection & Response

Q3Threats

Reducing the time an attacker spends in an environment is a key to mitigate the damage they can do. While most Managed Security Services Providers (MSSPs) are adept at responding to security alerts, Managed Detection & Response (MDR) services enhance the ability to track down attackers and eliminate them from an operating environment. The vital Read More »

FBI and DHS Issue Joanap and Brambul Malware Attack Warning

FBI and DHS Issue Joanap

According to an FBI and DHS warning, the Hidden Cobra hacker team in North Korea is using Joanap and Brambul malware to attack and access networks, primarily targeting media, aerospace, financial, and infrastructure companies. Joanap, a remote access tool, can secretly receive commands from Hidden Cobra. Brambul, a brute-force authentication worm, tries to access networks. Read More »

State Attackers Moving from Stealing Data to Social Meddling

State Attackers Moving from Stealing Data

The new cyber intelligence report expects that the monetary benefits will allure the use of crypto-mining malware and cryptocurrencies by cyber attackers this year. The cyber state attacker force is growing at an alarming rate. New bad actors. Few unexpected nation states are rising in the ranks of sponsored attackers, including spying on thousands of Read More »

MSSPs waste resources on False Positive alerts

MSSPs waste resources

One of the key findings from the survey of MSSP analysts conducted by Advanced Threat Analytics is that majority of the respondents report a false-positive security alert rate of more than 50%. Many analysts spend 5-6 hours a day investigating security alerts, with high false-positive rates. This frequently compromises security effectiveness and prevents security analysts from Read More »