Incident Preparation: Data Retention

Many factors go into developing a good data retention policy, including client, partner and regulatory requirements, operational needs, and your own service delivery model. Don’t forget to factor in the risks of retaining too much data or retaining required data for longer than necessary, the need to minimize data, and how your risks can be exponentially increased if these decisions are not carefully made.

Managed Security Monitoring for the SMB

The Need for Managed Security Monitoring in the SMB Space

We received a call to work a malware incident at a small healthcare firm in the Pacific Northwest. We contacted their IT Admin, got a remote session going and started collecting initial information to do some quick triage and find out what we were dealing with. Our Security Engineer quickly identified the malware as Synack Ransomware, and it had compromised […]

RANSOMWARE AS A SERVICE

SATAN RAAS Page

Ransomware as a Service (RAAS) Overview

Just like you can go out and run your website on an Infrastructure as a Service platform or use a popular CRM system (rhymes with Gale’s Horse) that is referred to as Software as a Service, threat actors can get malware from platforms offering Ransomware as a Service, complete with customization, obfuscation, packing, a billing service so that the hacker and the RAAS folks […]

Understanding the Threat: PowerShell Attacks

Wait a Minute, what is a “PowerShell Attack” anyway?

Attackers are always looking for ways to bypass security, and PowerShell has become a fan favorite among them. PowerShell is present in every system that has Windows 7 or Windows Server 2008 and higher. It is primarily used for system administration, and most companies don’t monitor PowerShell activity. That, along with the fact that PowerShell scripts can deliver code without touching […]