A new version of the Nymaim malware family targets high-level managers with attached malicious Word documents and installs ransomware and banking trojans on their machines. Services like ContentCatcher Detonator are a must have, where email attachments are executed in a safe environment so their activity can be reviewed and intentions verified. This puts information about the attachment into the hands of your company’s security administrator. Educating your end users is also an essential safety measure.
When dealing with financial requests via email, it is always good to verify multiple times that the vendor and or transactions are legitimate. Verify the accounts on both sides, call the vendor directly and confirm their request. The city of El Paso Texas was scammed out of $3 million through social engineering. A phish! This is happening more and more and is yet another example why user education is so important.
Anti-virus has proven ineffective as of late. It is not that Anti-virus does not work, the AV companies simply cannot keep up. It appears that the next-gen desktop engines are just now being released. On November 1st, 2016 Symantec released their new solution for the desktop called Endpoint Protection 14 and is available now. It looks promising.
Key features include:
Compare Huntress vs Blackpoint MDR for MSPs: coverage, SOC response authority, alert quality, integrations, and…
Choose Huntress or CrowdStrike by operating model, not hype: compare managed EDR, Falcon platform depth,…
Reduce risk without overloading IT: compare SOC monitoring, alert triage, threat hunting, and MDR response…
Compare SOC costs from $60K SOCaaS to $5M+ internal 24x7 teams, with hidden staffing, tooling,…
Protect CUI and win defense contracts with practical NIST 800-171 steps for manufacturers, from scoping…
Secure DoD contracts with CMMC support for manufacturers: map CUI, close NIST 800-171 gaps, monitor…