Intrusion

Thanks to notorious hacking groups like LockBit and REvil, ransomware doesn’t appear to be going away anytime soon. So how can your organization keep a lock on its critical infrastructure? 🔐

Here are 4 things you should know:

1. Ransomware-as-a-Service is turning every cybercrook and criminal into a ransomware operator
2. Organizations with critical systems and infrastructure are in grave danger
3. Threat Actors are Getting Creative
4. Even SMBs are at risk

Check out our latest blog for additional insights into this highly disruptive malware and its state of affairs for the remainder of 2023: https://bit.ly/3rLubl6

🚨- Armageddon. This Moscow-linked hacking group remains one of the most active and dangerous threat actors targeting Ukraine during its war with Russia.

While the group is widely known for its cyber espionage operations against Ukrainian security and defense services, Armageddon has also been linked to at least one destructive attack against an unspecified information infrastructure facility.

Read more about Armageddon’s latest activities here: https://bit.ly/477cNro

The demand for professionals continues to outweigh the supply.

Retaining quality talent is more critical now than ever.

From fostering professional growth to establishing a supportive company culture, our recent blog takes a closer look at how your organization can beat the talent shortage - you may even catch a few tips for retaining quality cybersecurity talent 💡

Cloud workloads and data storage environments are becoming inundated with troves of data -- much of which is extremely sensitive.

75% of businesses said that more than 40% of data stored in the cloud is sensitive, which is up 26% from last year alone.

Check out the full report from Thales: https://bit.ly/43G08bG

New ransomware tactics are on the horizon 🌅

According to Johnny Scott, our Cyber Threats Manager, extortion-only techniques enable threat actors to achieve the same results (full or partial payment of the ransom and exfiltration of large amounts of data), while saving money and resources due to not having to develop new encryption methods or working with victims to use their purchased decryption keys.

are 3x more likely to be hit by certain cyber attacks than their larger counterparts, emphasizing the importance of strengthening security postures within smaller organizations. 🏋💪

Our latest blog provides 5 tips that will help SMBs their practices - we’ll even dish on the reasons why threat actors target these businesses: https://bit.ly/3J6Txjf

Level Up Your Cybersecurity: 5 Tips for SMBs - Intrusion Small and medium-sized businesses (SMBs) are now at least 3x more likely to be hit by certain cyber attacks than their larger counterparts. This finding, which was part of a report published just last year, highlights the need for SMBs to improve their security posture. You’ll learn some tips for ...

🚨- RomCom RAT. Nope, this group isn’t airing reruns of your favorite early 2000s romantic comedies.

Instead, they are suspected of conducting a series of phishing attacks targeting the upcoming NATO Summit in Vilnius, as well as an identified organization supporting Ukraine abroad.

Read more about RomCom’s latest activities: https://bit.ly/44ObTOf

A series of espionage attacks against U.S. government agencies has lead CISA to issue a directive aimed at eliminating Internet-exposed management interfaces running on edge devices in Federal Civilian Executive Branch (FCEB) agency networks.

According to CTO and Co-founder Joe Head, this directive is a good, prudent step, as it requires what good security practice has always mandated.

📣Hear more from Joe here: https://bit.ly/445tzFi

Whether you take your at-home office to a beachfront Airbnb or cabin in the mountains this summer, today’s hybrid work environment doesn’t just expand your attack surface - it stretches your security layer dangerously thin.

Shield Endpoint enables remote connectivity and safe web browsing between secure network enclaves, hardening your expanded network surface. Learn more about how Intrusion can protect and secure your endpoints: https://bit.ly/3Il6Ehk

🚨Gaining particular prominence since April, this gang appears to disproportionately target educational organizations, representing eight of its 36 observed victims.

Akira is known for its harsh “double extortion” approach, stealing data from victims and threatening to leak it if the ransom is not paid: https://bit.ly/3pm3RwW

Maintaining legacy systems can pose significant challenges, especially at the federal level. In fact, the federal government spends more than $100 billion - each year - on IT and cyber-related investments!

Of this amount, agencies have reported spending about 80% on operations and maintenance of existing IT, including legacy systems: https://bit.ly/44jQfBE

Security team slacking off? 😴

Nope! You just need the right data to see the malware in your network.

Shield OnPremise helps you understand your environment’s biggest threats, even when time is of the essence. See the impact Intrusion can make on your business today: https://bit.ly/3SlLHFN

🚨Anonymous Sudan may be the “new kid” on the block, but this hacking group is anything but inexperienced.

The group targets organizations and government agencies worldwide, taking them down in DDoS attacks or leaking stolen data. More recently, Anonymous Sudan turned their attention to Outlook, Azure and OneDrive, demanding $1 million to stop the attacks: https://bit.ly/3NBkA95

Today and every day, we are grateful to be from the land of the free and home of the brave!

From Intrusion to you, Happy Fourth of July 🇺🇸

Have you checked out Verizon’s 2023 Data Breach Investigations Report? 🤔

Don't worry, we got you covered. ✅

In our latest blog, we take a closer look at our picks for the three most surprising finds in this year’s .

Read more:

3 Surprising Finds in Verizon's 2023 Data Breach Investigations Report - Intrusion Verizon recently released their highly anticipated annual 2023 Data Breach Investigations Report a.k.a. DBIR. Many blog posts out there speak on the “top findings” or “top key takeaways” of the report, so I decided to focus on the things I found surprising rather than a verifcation of my sus...

It’s no secret that poses existential risks that will only become more pronounced in the future, but the time to start discussing them is now.

📣 According to our Assistant VP of Innovation Engineering Stephen Blystone, one of the most significant risks we are already experiencing is the propagation of misinformation.

Everything is moving to the cloud, including 🌥 Are you prepared to weather a potential cyber storm?

Shield Cloud helps to protect your private cloud environment from unknown threats. Learn more about how Intrusion can proactively protect your “atmosphere”: https://bit.ly/3kQk0IR

🚨The threat actors behind this gang have received more than $60 million in ransom payments, compromising over 100 entities across the world.

Cuba, also known as Tropical Scorpius, has been observed targeting financial services, government facilities, healthcare, critical manufacturing and IT sectors, while simultaneously expanding tactics to gain initial access and interact with breached networks: https://bit.ly/3NuuPLb

Ransomware attacks have been on an upward trend since 2020, and they don’t appear to be letting up any time soon… 📈

It may be alarming to hear that there are 1.7 million ransomware attacks every day (19 every second!), but that statistics predict a ransomware attack will occur every two seconds by 2031?
https://bit.ly/44bgvOs

As the general accessibility of tools - like - continues to grow, the future of software development and testing is sure to experience an enormous impact.

How will this AI revolution augment engineering teams? Our Assistant VP of Innovation Engineering Stephen Blystone weighs in 📣

Growing your business is easy when you have an innovative cyber threat intelligence offering.

That’s why Intrusion partners with leading distributors, resellers and MSSPs, helping businesses of all sizes protect their most valuable assets. Become a partner today: https://bit.ly/3z6WmeO

🚨While the endgame of this new hacking group remains a mystery, Asylum Ambuscade has claimed responsibility for thousands of attacks on organizations worldwide.

The group employs a wide variety of tools to engage in all kinds of malicious activities, some of which include grabbing screenshots, stealing passwords stored in popular internet browsers, deploying Cobalt Strike loaders, running a keylogger and more: https://bit.ly/446pj85

Is a storm brewing in your cloud? ⛈🤔

80% of organizations encountered a significant security incident related to their cloud infrastructure in 2022. Of these incidents, the top three experienced were cloud data breach (33%), cloud data leak (28%) and environment intrusion (27%): https://vz.to/3qBz1ku

Hackers are hitting hard…is your organization’s data at risk? 🤔

According to our AVP of Innovation Engineering Stephen Blystone, there is always a risk for cloud services, like ChatGPT, to have vulnerabilities that can lead to customer data exposure. Performing extensive testing and adding additional verifications can significantly reduce your risk of data exposure.

Hear more from Stephen in this one-on-one interview: https://bit.ly/3N4XzcW

Implications of Sharing Corporate Data with Generative AI - Stephen Blystone, Intrusion - Techstrong TV Stephen Blystone, assistant vice president of innovation for Intrusion, explains why sharing corporate data with general purpose generative artificial intelligence (AI) services such as ChatGPT creates a cybersecurity breach.

are 3x more likely to be hit by certain cyber attacks than their larger counterparts. 🏋💪

Here are 5 tips that can help you level up your practices and why you are a target: https://bit.ly/3J6Txjf

Bitly | Too Many Requests | 429 Error This is a 429 error. Try accessing this page directly or wait a few minutes and try again. Everyone has their limits, and we're getting too many requests right now.

🚨Turla: From USB worms to satellite-based hacking, this Russian state-sponsored group has spent 25 years distinguishing themselves as “adversary number one.”

Last month, the U.S Justice Department and the FBI announced they had dismantled an operation by Turla that infected computers in more than 50 countries with a piece of malware known as “Snake.”
https://bit.ly/3oqUlYZ

Verizon just released its annual Data Breach Investigations Report, and it looks like will continue its reign as a top threat for organizations of all sizes and industries. 🔍

While the rate of attacks increased only slightly this year (now being present in 15.5% of all incidents,) 91% of industries still have Ransomware listed as one of their top three actions.

Read more:

DBIR Report 2023 - Summary of Findings Here are the summary of findings for the DBIR 2023 report which provide a high level overview on what we are seeing regarding the latest trends in data breaches.

Security team slacking off? Nope. ❌
Defective tools? Also, nope. ❌
The problem? You don’t have the right data. ❗

Shield OnPremise gives you the historical data you need to identify and block potentially malicious connections without impeding the good ones.

Learn more: https://bit.ly/3GqoTix

False positive security alerts come with costs.

$$ cyber attacks due to missed threats
$$ turnover from alert fatigue and burnout
$$ time and resources

Learn more about the hidden costs of false positive security alerts in our latest blog:
https://bit.ly/3oAyhLS

The Hidden Costs of False Positive Security Alerts - Intrusion People in your organization who are working in security operations (SecOps) face security alerts on a daily basis. The problem is, the majority of those alerts are just false positives, which can potentially lead to some serious consequences. In this post, we’ll explain what false positive alerts ...

🚨Volt Typhoon: By the looks of it, no one is off limits from the latest Chinese-sponsored hacking campaign.

Recently unearthed by Microsoft researchers, Volt Typhoon targets organizations in the communications, government, utility, manufacturing, maritime and other critical sectors, the primary focus appearing to be cyber espionage: https://bit.ly/3MyjPfi