Kivu Consulting
Kivu is a global technology and consultancy firm that combines technical and legal expertise to deliver cybersecurity solutions worldwide.
Dan Paulmeno manages the people and tools that detect, respond to, and stop . Making the internet a safer place and continuing to learn are his favorite parts of the job. For Dan, it’s about the person over the technology, and he values Kivu’s parallel people-first approach.
Dan is highly adaptable and energized by change — perfect for the world. As threats evolve, he’s primed to meet the challenge. Kivu and our clients are lucky to have him.
Can Organizations Still Pay Demands? The Russian conflict against brought devastating impacts for both nations. Beyond the initial tragedy, as fighting continues and sink in, government and industry can expect cascading implications of a global magnitude. Those implications include greater cyber risk.
Check out Kivu Consulting's newest insights blog co-authored by Matt McCabe, General Counsel, and Winston Krone, Chief Research Officer.
https://kivuconsulting.com/blog/can-organizations-still-pay-ransomware-demands/
Can Organizations Still Pay Ransomware Demands? The Russian conflict against Ukraine brought devastating impacts for both nations. Beyond the initial tragedy, as fighting continues and sanctions sink in, government and industry can expect cascading implications of a global magnitude. Those implications include greater cyber risk. What does that m...
With the escalating crisis in Ukraine, there is a heightened sense of concern felt by our clients and community. Kivu has created a conflict advisory center to provide free advice on the top actions needed to reduce risk and impact. Also, we can perform a free assessment to answer the question: “are we compromised but don’t know it?”
Our team of experienced and professionals are continuously monitoring this situation. Leveraging years of experience fighting Russian , we can support you with real-time intelligence and insights to help strengthen your defenses in this time of increased activity.
US Hotline: +1 855.548.8767
Europe Hotline: +44 203.997.8334
As employers allow more employees to work from home, safeguarding company networks continues to be a challenge. To mitigate the increased risk from phishing campaigns targeting remote workers, many companies have adopted two-factor authentication (2FA). 2FA may consist of a one-time code sent via SMS or email, a token, or a unique cryptographic key. This adds an extra layer of protection because the threat actor (TA) needs more than just your username and password.
However, hacker tactics are evolving quickly and are now using reverse proxy phish kits to work around 2FA. These kits use a transparent reverse proxy to present the actual website to the victim, keeping the ruse of the legitimate website intact. Another advantage of the reverse proxy is that it allows the threat actor to man-in-the-middle (MitM) a session, capturing credentials and the session cookie to access the account. This technique easily evades detection and has remained a blind spot for industry professionals. Kivu recommends client-side TLS fingerprinting, which may help identify MitM requests so security personnel can take appropriate protective measures.
Coming Thursday, February 17! Join Kivu Consulting’s VP of Cyber Risk and Resilience, Dustin Owens, for a webinar “Getting Ahead of the Risks,” hosted by McGriff.
Dustin will be presenting with McGriff’s ERA Senior VP and Claims Manager, Natalie Santiago. During this session, attendees will learn current cyber-threats affecting organizations, top methods used to carry out cyber threats, and leading strategies and tactics to better protect your organization.
Register here! https://bit.ly/3J3I5m3
Gurvinder is part of the Uk’s Digital Forensic and Incident Response team. With a deep passion for technology and client excellence, Gurvinder meets all client engagements with professionalism and works tirelessly to help clients resolve some of their biggest challenges.
Join Kivu Consulting’s VP of Cyber Risk and Resilience, Dustin Owens on February 17th for a webinar “Getting Ahead of the Risks” hosted by McGriff.
Dustin will be presenting with McGriff’s ERA Senior VP and Claims Manager, Natalie Santiago. During this session, attendees will learn current affecting organizations, top methods used to carry out cyber threats, and leading strategies and tactics to better protect your organization. https://bit.ly/3J3I5m3
Ransomware gangs are now recruiting employees to help them breach networks and encrypt data, promising a big payout. Employees can be recruited through social media or even phone calls. Kivu recommends paying particular attention to employee actions, looking for atypical work hours, violations of information security policies, and attempts to access restricted networks. Take CISA’s Insider Risk Self-Assessment to gauge your organization’s vulnerability to insider threats.
https://lnkd.in/eZr5STcU.
Contact Kivu today at [email protected] to learn more about how to identify and shore up your cyber vulnerabilities.
Insider Risk Self-Assessment Tool | CISA Insider threats pose significant risk to the safety and security of America’s critical infrastructure and the organizations that keep infrastructure operational.
Couldn’t make NetDiligence in Ft. Lauderdale last week? Register now for the webinar version of the Ransomware Advisory Group Roundtable, where Kivu’s General Counsel Matt McCabe discusses ransomware attack vectors and other valuable insights. The webinar will be released on February 17, 2022, at 8:00 am Eastern. Register today!
https://gateway.on24.com/wcc/eh/2341608/cyber-risk-summit-virtual-programming
Turning into the new millennium, it was clear to Justin that technology would influence each and every business in some way or another. With that came unique security challenges that most organizations don’t have the time to keep up with. Justin embraced the opportunity to become part of an ever-changing landscape to help organizations solve of their most harrowing problems.
Cybersecurity incidents are devastating, and quickly restoring information and services after an incident is critical to business operations. Available onsite or remote, Kivu’s Recovery & Transformation team can help restore critical operations to ensure your business is up and running as quickly as possible.
Are you prepared for a ransomware attack? Incident response planning is an essential component of an organization’s cyber readiness plan. As modern technology continues to evolve, so should your defenses. Minimize operational disruption in the event of a cyberattack by regularly testing your incident response plans to ensure your organization is prepared to respond quickly and efficiently.
Kivu has extensive expertise serving the needs of start-ups, technology businesses, and other high-growth companies. No organization is immune to attack, and a company’s , , intellectual property, and trade secrets may be at risk. Kivu’s team of rapid responders can work with clients on-site or remotely to provide a quick, effective response to any cybersecurity event.
With a knack for analytics and performing root cause analysis, Roman Weathermon has a gift for analytics and performing root cause analysis. Part of the team, Roman uses his skills to support organizations responding to .
Ransomware is a costly and devastating business interruption that will continue to be the largest security issue in 2022. Download Kivu Consulting's 2022 Ransomware Report for a breakdown of the 2021 ransomware landscape, ransom payment trends, and information on navigating negotiations.
https://kivuconsulting.com/resources/ransomware-report-2022/
Ransomware Report 2022 Ransomware is a costly and devastating business interruption that will continue to be the largest security issue in 2022.Download Kivu Consulting’s 2022 Ransomware Report for a breakdown of the 2021 ransomware landscape, ransom payment trends, and for information on navigating negotiations.
Researchers with Trend Micro have identified a new family dubbed White Rabbit. White Rabbit was observed in December 2021, targeting a local bank in the US and may be associated with the threat group known as FIN8. FIN8 has previously been known for its reconnaissance and infiltration tools targeting the financial services sector. While Kivu has not yet observed White Rabbit in the wild, it has the potential to cause significant harm as it develops in sophistication. Organizations in the financial services sector should track researchers’ evolving analyses of White Rabbit and evaluate the of their environment to tactics associated with White Rabbit.
https://www.trendmicro.com/en_us/research/22/a/new-ransomware-spotted-white-rabbit-and-its-evasion-tactics.html
New Ransomware Spotted: White Rabbit and Its Evasion Tactics We analyze the ransomware White Rabbit and bring into focus the familiar evasion tactics employed by this newcomer.
Kendrick Jones is Kivu’s most dedicated engagement leader on the Recovery and Transformation team. A true team player, Kendrick supports every project and upholds Kivu’s values on every customer engagement.
Matt McCabe, Kivu Consulting's General Counsel will be discussing the evolving landscape and different vectors during the Net Diligence Cyber Insurance Ransomware Advisory Group. Join Matt in Ft. Lauderdale on Monday, January 31st.
Endpoint detection and response tools like Falcon are critical for protecting your network. Fusing the capabilities of a robust EDR with an asset discovery tool further bolsters your defenses, ensuring all assets are identified and adequately protected. Contact [email protected] today to identify your network's blind spots.
New cyber are constantly emerging. Defend your organization from increasingly sophisticated with Kivu Consulting’s managed detection and response (MDR) services. Our MDR team, combined with industry-leading solutions, provides 24/7 monitoring and investigates suspicious or malicious behaviors in your environment.
Russian authorities have arrested 14 suspected REvil Ransomware group members, seizing cash, cryptocurrency, and cars.
https://www.reuters.com/technology/russia-arrests-dismantles-revil-hacking-group-us-request-report-2022-01-14/
Russia takes down REvil hacking group at U.S. request - FSB Russia has conducted a special operation against ransomware crime group REvil at the request of the United States and has detained and charged the group's members, the FSB domestic intelligence service said on Friday.
Candice Wendt, Kivu’s Director of Incident Response helps clients solve some of their toughest cybersecurity challenges. In the wake of an incident where there is chaos and panic, Candice collaborates with legal counsel, technical teams, and the client to recover and strengthen their defenses.
Don't miss the latest edition of our threat intelligence bulletin, where we highlight the growing trend of on US Governments and discuss Elephant Beetle, a newly named threat group engaging in targeted against financial sector companies in Latin America.
https://mailchi.mp/84401aab1782/kivu-consulting-threat-intelligence-bulletin-6085646
You can’t defend your network if you don’t know what exist. As become more sophisticated, organizations must move into a zero-trust model. Kivu Consulting’s asset discovery tool, Rumble, provides quick and accurate network scanning to identify assets that may leave you vulnerable. Contact [email protected] to learn more about how to kick off a Rumble scan on your network.
Kivu Consulting is a proud supporter and sponsor of NetDiligence's . Join us in Ft. Lauderdale to hear from over 50 speakers in info-packed sessions and comprehensive discussions on the latest in preparedness, , and . There's still time to register:
https://netdiligence.com/conferences/cyber-risk-summit-fort-lauderdale-2022
We look forward to seeing you there!
Business disruption due to a incident can be devastating to a business. Adam Tyra's newest blog, Recovering Faster, provides insightful tips on steps your organization can take to speed up recovery times, reduce costs, and minimize operational disruption. Check out Adam's blog here: https://kivuconsulting.com/blog/recovering-with-resilience/
Recovering With Resilience In the digital age, loss of access to business technology has the potential to destroy overnight what a company has spent decades building.
Does your organization know where its critical vulnerabilities lie? Kivu Consulting’s Cyber Risk and Resilience team offer proactive assessments to help organizations better understand their security posture, identify risks, and create prioritized roadmaps for improvement. Learn more by contacting [email protected]
Kivu Consulting welcomes Larry Crocker as the new Senior Director of Incident Response. Fusing his background in law enforcement with forensic investigations, Larry brings years of valuable insights to Kivu. Welcome, Larry!
Join Kivu Consulting’s General Counsel, Matt McCabe at the NetDiligence Cyber Risk Summit in Ft. Lauderdale on January 31. Matt will be discussing the evolving landscape and attack vectors/methods as part of the Cyber Insurance Ransomware Advisory Group.
https://netdiligence.com/conferences/cyber-risk-summit-fort-lauderdale-2022
Knowing what’s connected to your network is critical to developing a holistic defense strategy. Kivu Consulting is excited to announce our partnership with Rumble, Inc., a leader in conducting comprehensive asset inventory. We look forward to working with the Rumble team and bringing state-of-the-art asset discovery services to our clients. Contact [email protected] to learn more.