Articles by category

Cybersecurity Predictions 2021

CYDEF’s cybersecurity predictions for 2021, including ransomware expectations, cloud-based software risks, and budget impacts on cyber protection. CYDEF’s Cybersecurity Predictions 2021 Around the new year, it seems blogs either are reviewing the year that’s ending or predicting the events of the coming year. I decided to try my hand at predicting the future. The following post details three predictions - [...]

December 31, 2020 | Categories: Blog, Technical

The ART of Selecting a Managed Detection and Response Company

Tips for selecting a managed detection and response company based on Actionable, Relevant and Timely response criteria. Selecting a Managed Detection and Response Company is a Complex Task Cybersecurity is often difficult to understand, especially for the average business owner. These people devote their time to managing their enterprise, not studying cybersecurity tactics and trends. Unfortunately, that means these businesses may misinterpret basic [...]

December 23, 2020 | Categories: Blog, Technical

Adrozek Silently Alters Search Results in Web Browsers

Adrozek, a drive by download attack, may be impacting your business’s browsers. From desktops to laptops to mobile devices, your endpoint security should be assessed. Detecting Adrozek’s Malicious Adware On December 10th, 2020, Microsoft announced detection of the malicious adware Adrozek on a variety of browsers, including Microsoft Edge, Google Chrome, Yandex Browser, and Mozilla Firefox. Adrozek is distributed via a drive by [...]

December 17, 2020 | Categories: Blog, News, Technical

Risk Management: The Strongest Cybersecurity Tactic

Prevention is Not the (Only) Cure Risk management is the strongest cybersecurity tactic, outweighing the roles of prevention and detection. Our clients often indicate they’re looking for a solution that detects and blocks threats, while preventing infection. This may seem perfectly natural upon first glance. After all, what’s the point of detecting malware once your network is infected? An ounce of prevention is worth a [...]

December 10, 2020 | Categories: Blog, Technical

Defense in Depth as a Cyber Risk Prevention Tactic

On the Relationship Between Cheese and Risk In cybersecurity, there is a lot of talk of “defense in depth”, but sometimes it is unclear what people mean… or why you should care. This post answers questions about the concept of “defense in depth”, with unexpected help from a famous cheese family. What is defense in depth? Like many concepts [...]

December 3, 2020 | Categories: Blog, Technical

What is SASE?

Secure access, secure edge (SASE) is the hot ticket in cybersecurity. Do you understand the benefits? Introducing: SASE Whenever sales of security products dip, vendors leverage buzzwords in an effort to explain business problems. They push the buzzword hard for a short while, just long enough for people to buy it and figure out the claims were vastly overblown. By [...]

November 12, 2020 | Categories: Blog, Technical

Cybersecurity Countermeasures: Tools for Risk Management

A discussion of The Law of Diminishing Returns and Cybersecurity Investment. The Cybersecurity Price Quandary A reasonably good anti-virus product with a bundled firewall can be acquired for less than a dollar per month. Some companies pay ten to a hundred times that for an advanced endpoint detection product or a managed detection service. Larger companies frequently spend hundreds of [...]

October 29, 2020 | Categories: Blog, Technical

Combatting Cyber Alert Fatigue

The more endpoint breach alerts that sound, the less responsive a cybersecurity team becomes. The likelihood of an endpoint breach increases. Distinguishing Important Alerts from Noise Everyone experiences alert fatigue. Alert fatigue is such a common problem that it dates as far back as Aesop’s Fable from the 6th century BC: There once was a shepherd boy who was bored as [...]

October 15, 2020 | Categories: Blog, Technical

Responding to Dridex

An analysis of Dridex, the 'banking' malware that steals credentials. How CYDEF Responded to a Dridex Attack The Dridex trojan has posed a significant threat since its identification in 2011. A few months back, a CYDEF customer was infected by this malware. The following blog post details steps to malware identification, response efforts and remediation. What is Dridex? The Dridex [...]

October 1, 2020 | Categories: Blog, Technical

Detecting Astaroth with SMART-Monitor

An analysis of Astaroth, the info-stealing malware that uses multiple fileless techniques to install on a computer and steal passwords. Malware of the day: Astaroth Whenever a new malware or a novel attack technique is discovered, our clients worry about how it could affect them. Many come to us asking: “Am I protected against this new threat?” This post addresses [...]

September 3, 2020 | Categories: Blog, Technical

The Impact of Potentially Unwanted Programs

A Potentially Unwanted Program (PuP) is a designation commonly used by anti-virus vendors to designate software that is present on a computer against the computer’s owner’s will. This series covers the more exotic incidents observed at our client sites and explains how SMART-Monitor helps catch them. Today, we will look at the security impact of having “potentially unwanted programs” in your [...]

August 13, 2020 | Categories: Blog, Technical