Sage Advice - Cybersecurity Blog

Anatomy of a Ransomware Attack and How to Detect the Threat

Ransomware continues to be a significant threat to organizations of all sizes. Victims of an attack are denied access to their data. Many times, files are encrypted, and a ransom is demanded to restore access. If hit, the best-case scenario is that you have clean backups to restore your systems and can avoid paying the ransom. However, downtime is often more detrimental than ransom costs. Recovery is expensive, and there is a significant cost in system downtime, emergency response, and reputation damage.


Topics: Ransomware, Threat Hunting

Does Malware Have Citizenship?

In talks with information security professionals at security conferences, user group events, and customer sites, Chester Wisniewski frequently fields questions about country-based blocking as a network defense tactic. Though he couldn’t find any published data to confirm his assumptions, “I couldn’t see any meaningful correlation between the countries from which traffic originates and attack patterns,” said Wisniewski, a principal research scientist at Sophos.


Topics: CyberCrime Symposium, Threat Intelligence, Threat Hunting

Why Your Business Should Consider Managed Threat Detection

When it comes to cybersecurity, organizations are moving away from prevention-only approaches and focusing more on detection and response. The shift to this approach “spans people, process and technology elements and will drive a majority of security market growth over the next five years,” says Gartner’s principal research analyst, Sid Deshpande. Of course, it doesn’t mean that prevention techniques aren’t still an important part of your security program. But it “sends a clear message that prevention is futile unless it is tied into a detection and response capability.”


Topics: Threat Detection Tips, Threat Hunting

Threat Hunting: Common Attack Vectors and Delivery Channels

It’s generally accepted that the best defense is a good offense. In cybersecurity terms, that means taking a more proactive approach to catching our cyber adversaries. Cyber threat hunting is an effective method for searching your network for malware and other threats that have evaded traditional security defenses. To be a successful threat hunter, it’s important to understand the adversaries we’re facing, as well as the tricks and techniques they use. Let’s take a look at a few.


Topics: Threat Detection Tips, Threat Hunting

Threat Hunting: Six Cyber Adversaries to Pursue

When threat hunting, you must first understand the adversaries you’re facing. While their techniques may be very similar, what motivates them can be very different. Understanding these motivations can provide you with a better understanding of where and when a cyber attacker may strike or when an unwitting accomplice takes measures that present undue risk to the organization.


Topics: Cyber Defense, Threat Hunting

Threat Hunting: Anatomy of a Cyber Attack

Hackers are people, so when threat hunting, it’s important to think like they do. You need to understand the tricks and techniques that are commonly used. This intellectual capital can provide mature threat hunters with an advantage as they share common skills and traits with their unethical counterparts. 


Topics: Threat Detection Tips, Threat Hunting

Cyber Threat Hunting and Indicators of a Cyber Attack

As the number of successful cyber-attacks continues to soar, it’s time to take a proactive stance to detect them. You can’t simply sit back and wait for an automated alert to let you know you’ve been breached. You need to actively seek out potentially malicious behavior on your network, hunting down indicators of attack so you can detect and contain an incident as quickly as possible.


Topics: Threat Detection Tips, Cyber Defense, Threat Hunting

An Introduction to Cyber Threat Hunting

In order to keep up with the deluge of new cyber threats and malware attacks, cyber threat hunting is becoming more popular. Cybercriminals continue to get more adept at using techniques and building tools that make it extremely difficult for traditional signature-based technologies to detect them. So difficult, in fact, that it’s fairly common for an organization to not know an intrusion has occurred for days, weeks, or even months.


Topics: Log Analysis, Threat Detection Tips, Cyber Defense, Threat Hunting

Seven Types of Malware You Should Be Aware Of

Malware, short for “malicious software,” is software (or script or code) designed to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems and mobile devices. 


Topics: Malware, Cyber Crime, Threat Hunting