Lexico vs. Ransomware Soteria recently has received urgent incident response requests from clients who had been hit with ryuk, banta, and, phobos ransomware. One of these clients had several systems already in the process of being encrypted when security professionals discovered the outbreak. After initial meetings and contracts were signed, through our Lexico [...]
The Challenge of Detector Management Security operations and monitoring teams face a variety of challenges: the rapid evolution of adversarial tradecraft, poor detector documentation, lack of detector version control, poor detection methodology, lack of testing procedures, and change control processes that are slow and time consuming. These issues plague security teams of all [...]
The large volume of financial, banking, and insurance firms doing business in New York makes the state’s financial services and insurance industry a rich environment for hackers. For this reason, it comes as no surprise to learn the New York Department of Financial Services (NYDFS) passed far-reaching and detailed regulations designed to protect New [...]
Login credential management platforms are valuable tools for organizing and securing a business’s or individual’s account usernames and passwords. While password management platforms simplify the process of creating and managing secure account credentials, they are not a 100% solution for account security practices at your business. On May 31, 2017, OneLogin, a credential management [...]
COLUMBIA, SC - May 23, 2017 - Soteria, LLC, a Charleston-based cyber security consulting and product development firm, received the SC Cyber Award of Excellence for Industry at the 2017 Cybersecurity Summit. Recipients of the SC Cyber Award of Excellence must have a demonstrated commitment to advance talent, techniques, and tools required to defend [...]
Defending against WannaCrypt and other Ransomware Attacks The WannaCrypt attack, a massive ransomware attack impacting businesses and individuals alike, has been making headlines around the world. Not only did this event hit a large number of victims, this attack has been further sensationalized because it utilized exploits said to be developed by the National Security [...]
Outsourcing IT operations to managed IT services providers (MSP) is a common trend for a business looking to maintain its operational efficiency while cutting down on cost. In addition to assisting with IT infrastructure management, 38 percent of businesses that hire an MSP do so with the expectation that their business will have enhanced security [...]
When a firm experiences a cyber event or security intrusion, it is often a chaotic experience. Responders are focused on detecting the breach source, locking down their IT infrastructure, and understanding the extent of their losses. However, when responding to an incident, it is important for firms to not overlook their other required breach [...]
Due to the ever-growing threat of cyber attacks, businesses operating in the NY State financial services and insurance industries are required to establish cybersecurity programs. The New York State Department of Financial Services (NYDFS) passed a set of regulations (23 NYCRR 500) requiring banks, insurance companies, and other financial services institutions supervised by NYDFS [...]
@nismoguy1, social engineering is an important security topic that impacts individuals and businesses alike! Before answering your question, it is important to define the term social engineering. A broad definition of “social engineering” is influencing someone to react in a certain way by exploiting one’s interests, habits, etc. In the context of cybersecurity, “social [...]
