PowerShell

Ransomware Attacks Increased by 68% in 2023 according to Malwarebytes' New "2024 ThreatDown State of Malware Report"

Retrieved on: Tuesday, February 6, 2024

SANTA CLARA, Calif., Feb. 6, 2024 /PRNewswire/ -- Malwarebytes, a global leader in real-time cyber protection, today released its 2024 ThreatDown State of Malware report, which reveals that the United States accounted for almost half of all ransomware attacks in 2023. The annual cybersecurity analysis looks at the most prominent attacks and cybercrime tactics across popular operating systems and how IT teams — particularly those that are resource-constrained — can address them.

Key Points: 
  • "Small and medium-sized organizations face a deluge of cyber threats daily including ransomware, malware and phishing attacks.
  • Alongside the rise of ransomware attacks in 2023 (68%), the average ransom demand also climbed significantly.
  • LockBit also remained the most widely used ransomware-as-a-service, which accounted for more than twice as many attacks as its nearest competitor in 2023.
  • In addition to ransomware and malvertising trends, Malwarebytes ThreatDown Labs found attacks on Android, Mac and Windows devices also evolved.

Syxsense Unleashes Supercharged RMM Capabilities, Empowering MSSPs to Conquer Complexity and Optimize Performance

Retrieved on: Thursday, January 18, 2024

This release empowers Managed Services Providers (MSPs) and Managed Security Service Providers (MSSPs) to automate more, scale faster, and secure customer environments like never before.

Key Points: 
  • With Syxsense’s newest product release, the platform enables customers to boost efficiency, reduce complexity, and stay secure.
  • With this new product release, MSPs and MSSPs can say goodbye to alert fatigue with:
    Intelligent Monitoring: Syxsense Cortex™, Syxsense’s no-code automation and orchestration engine, now actively identifies and resolves issues, not just flags them.
  • Additional development on Syxsense Cortex expands the automation capabilities for Syxsense customers, including:
    Bulk Vulnerability Remediation: Easily deploy security remediations across specific devices within the Cortex no-code workflow designer.

WatchGuard Threat Lab Report Shows Rise in Threat Actors Exploiting Remote Access Software

Retrieved on: Wednesday, December 6, 2023

Key findings from the data show increasing instances of remote access software abuse, the rise of cyber adversaries using password-stealers and info-stealers to thieve valuable credentials, and threat actors pivoting from utilizing scripting to employing other living-off-the-land techniques to initiate an endpoint attack.

Key Points: 
  • “Modern security platforms that include firewalls and endpoint protection software can deliver enhanced protection for networks and devices.
  • These findings indicate to Threat Lab researchers that threat actors continue to utilize multiple living-off-the-land techniques, likely in response to more protections around PowerShell and other scripting.
  • For a more in-depth view of WatchGuard’s research, read the complete Q3 2023 Internet Security Report here: https://www.watchguard.com/wgrd-resource-center/security-report-q3-2023 .

Huntress Unveils Inaugural SMB Threat Report, Observes a Large Spike in Business Email Compromise

Retrieved on: Tuesday, November 21, 2023

Threat actors are evolving their tradecraft to significantly impact SMBs, and our goal is to educate them and give them a fighting chance against the ever-evolving adversarial landscape.

Key Points: 
  • “The Huntress SMB Threat Report serves as the definitive guide in helping MSP security professionals know what patterns in adversary tactics and behaviors are out there and how to protect their SMB customers,” said Joe Slowik, threat intelligence manager for Huntress.
  • 64% of identity-focused incidents in Q3 2023 involved malicious forwarding or other malicious inbox rules, a key indicator of business email compromise (BEC).
  • The Huntress threat ops team leverages deep intelligence data from the Huntress managed security platform to deliver unique insights that will help SMBs and their MSPs mitigate their risk and protect their businesses.

ENow Introduces New Security Software to Address Microsoft Entra ID Application Governance Challenges

Retrieved on: Wednesday, November 22, 2023

CULVER CITY, Calif., Nov. 21, 2023 /PRNewswire/ -- ENow, a trusted software company with over 19 years' experience assisting organizations across the globe, has a long-standing reputation of simplifying complex monitoring scenarios for Entra ID, Active Directory and Microsoft 365 for their clients.

Key Points: 
  • ENow releases its App Governance Accelerator software to help organizations quickly get control and remain in control of their Microsoft Entra ID apps.
  • ENow App Governance Accelerator then helps admins to fill the gap and improve the organization's app score.
  • The ENow App Governance Accelerator software, used in conjunction with the new free security assessment tool, AppGov Score™ will help organizations identify application security risks and quickly establish an application governance policy.
  • Here, IT professionals will find answers to security questions to improve their application security posture, share recommended practices, and receive constructive feedback from the peer and Microsoft Security MVP community.

Gem Security Sponsors SANS Webinar on Lessons from a Real-World Multi-Cloud Attack

Retrieved on: Tuesday, November 14, 2023

NEW YORK, Nov. 14, 2023 /PRNewswire/ -- Gem Security, the cloud detection and response (CDR) company, today announced that it is sponsoring a live SANS webinar to help security operations and incident response teams understand how to rapidly detect, investigate, and contain multi-cloud attacks.

Key Points: 
  • The webinar will describe a real-world example of how adversaries target multi-cloud infrastructures to disrupt operations, exfiltrate sensitive data, and steal funds.
  • To accomplish this while evading detection, they often adapt traditional Living-off-the-Land (LOTL) tactics to the specific API-driven characteristics of the cloud.
  • Discuss how the attack could have been detected, investigated, and contained at each phase of the kill chain.
  • WHAT: SANS webinar featuring Yotam Meitar and Phil Neray.

ConnectWise Announces ConnectWise Sidekick™, the World’s First Purpose-Built AI Companion for Technology Providers

Retrieved on: Wednesday, November 8, 2023

ConnectWise Sidekick leverages ConnectWise's proprietary generative AI models and industry-leading large language models to enable TSPs and their SMB clients to utilize natural-language prompts for automation and timesaving.

Key Points: 
  • It automates tasks such as generating PowerShell scripts, ticket categorization, summarization, providing resolutions, and automated responses to end users.
  • By prioritizing daily tasks and addressing critical problems first, ConnectWise Sidekick increases team productivity and optimizes operations.
  • With offerings such as RMM and PSA, cybersecurity, and centralized solutions under the ConnectWise Asio™ platform, ConnectWise enables productivity in the IT channel ecosystem.

T1 E1 Network Test Solution Capabilities

Retrieved on: Thursday, November 2, 2023

“GL's tProbe™ is a test and measurement device for T1 E1 networks.

Key Points: 
  • GL's Windows Client/Server (WCS) software allows T1 E1 analysis and emulation cards with remote operation, automation, and multi-site connectivity capabilities.
  • It sends commands to T1 E1 WCS servers and shows the responses in Console, PowerShell, or Terminal Windows.
  • Available with Dual T1 or E1, FXO, FXS, DTE and DCE interfaces
    Bit Error Rate Testing over all timeslots.

Automox Launches New AVR as the Fastest Way to Ingest and Remediate Thousands of Vulnerabilities Across Operating Systems and Third-Party Software

Retrieved on: Tuesday, October 24, 2023

Automated Vulnerability Remediation ingests and prioritizes vulnerabilities from Rapid7’s InsightVM for immediate remediation via endpoint patching or script automation using Automox Worklets™.

Key Points: 
  • With AVR, IT operations teams gain confidence that all endpoints are constantly and automatically up-to-date and protected against the most severe vulnerabilities.
  • "AVR with CVE-prioritization lets IT focus on fast remediation of critical vulnerabilities across operating systems and third-party software," said Jason Kikta, CISO/SVP Product of Automox.
  • Using AVR and Worklets together, Automox customers gain confidence their vulnerabilities are remediated, and their endpoints are always up-to-date.

Redesigned Syskit Point introduces complete visibility to Microsoft 365

Retrieved on: Tuesday, September 26, 2023

CAMBRIDGE, England, Sept. 26, 2023 /PRNewswire/ -- Syskit Point, a leading platform for providing visibility in Microsoft 365 environments, introduced a new homepage and security features.

Key Points: 
  • A new starting point brings all the crucial dashboards to IT admins in a centralized place to simplify management and increase security.
  • "Through continuous dialog with our customers, we deduced that the biggest challenge is the obscured visibility in the environment and the inability to take action immediately," said Toni Frankola, CEO of Syskit.
  • "Syskit Point is recognized for its superior reporting and management features, but now we're taking things further.