<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1703665079923990&amp;ev=PageView&amp;noscript=1">

BLOG

vshape_NewWhite

Infogressive Blog

INFOGRESSIVE ENGINEERING TEAM

Our team of expert engineers have knowledge and experience beyond the book. In addition to a list of certifications that resembles alphabet soup, our engineer team also has years of experience working directly with cybersecurity and technology in many industries. Infogressive engineers stay up-to-date on the latest cybersecurity news and are always researching and learning more. We truly mean it when we say, "trust the experts!"

Recent Posts

Cyber Ranger's Handbook: Next Steps to Securing Your Home Base

There was a time, years ago, when I wasn’t just the highly capable security practitioner you see before you. I was also a Soldier. I wore a uniform for 22 years altogether, most of the time as an Infantryman in my state’s National Guard.

Posted on April 08, 2020

Cyber Incident Analysis: Layered Security in Action

March, 2020 — We recently had a Malicious Operation (Malop) pop up for one of our MSP Partners' small business clients and it turned out to be a true hit, with malicious PowerShell on a couple of hosts with RDP (port 3389) open to the internet. Our Malware Prevention thankfully blocked the malicious payloads, but something was still going on that needed to be tracked down and remediated. 

Posted on March 17, 2020

Work-from-Home Security: The Unspoken Cyber Impact of Coronavirus

Is your organization prepared to work from home due to the Coronavirus? Not just prepared for the change, but structurally prepared? Is your network designed to protect against the risks?

For offices around the world, the possibility of having to send employees home indefinitely as the virus spreads is becoming very real. If your organization hasn’t needed work-from-home policies in place...

Posted on March 06, 2020

BlueKeep & Seven Monkeys: Protecting Your Organization Against RDP Vulnerabilities

Leaving your remote desktop protocol (port 3389) servers open to the internet has been known to be a cybersecurity “bad idea” for years, but the Bluekeep vulnerability, as well as the more recent Seven Monkeys batch of disclosed vulnerabilities, have made this vital to your business’s survival.

Posted on August 21, 2019

A Security Engineer's Guide to EDR

Over the last 2 years, our team has been researching a number of platforms, frameworks, trainings, and various definitions of Endpoint Detection & Response (EDR) technology. And of course, the newest hot buzzword in cybersecurity: “Threat Hunting.”  After all this research, we have a team put together and have partnered with a platform we believe in, allowing us to be able to offer this...

Posted on October 23, 2018

Vulnerability Management: Don’t Be That Guy

Ignore security at your own and your customers’ peril.

Recently there was a post on r/sysadmin from a network administrator who had a client system hacked because he left their iLO card facing the internet… 

Posted on July 27, 2018

Scam Alert: Sextortion Email Using Real Passwords

In the past 48 hours, security operators have seen a new ‘sextortion’ message begin popping up in client inboxes almost everywhere.

 The most frightening part of this message is that it lists a password either in the subject line or the first sentence. 

Posted on July 13, 2018

Analysis of a DocuSign Phishing Email

As an MSSP, we offer a number of services. It’s kind of in the name. Two of those services involve email through both email security as well as end-user education through our phishing service.

Over the last couple of weeks, we’ve noticed an uptick in phishing emails that are using fake DocuSign sites to attempt to steal credentials to user email accounts.

Posted on March 18, 2018

Into the Rabbit Hole: A Security Engineer’s Review of SANS FOR508

Infogressive’s engineers are a special kind of broken. We like to learn and put ourselves through things that are REALLY hard just because we’re curious… (and a little masochistic).

 

When I was new to the company, I shadowed on an Incident Response lead by one of our vendor partners, and was introduced to the world of forensics. 

Posted on March 05, 2018

ALERT: Bad Rabbit Ransomware

What we know so far…

Looks like there’s a new kid on the block in Ransomware today that is creating havoc for a number of organizations in Russia, Ukraine, Germany, and Turkey.

Posted on October 25, 2017

Tagged Alerts, Ransomware

Disaster Averted: Why Log Review is a Vital Part of Cybersecurity

It’s not fun, but it’s necessary. One of our very own Security Analysts recently proved why log review is a crucial step in protecting our customer’s networks.
Posted on October 19, 2017

WHITEBOARD WEDNESDAY: Major Equifax Breach

The recent breach reported by Equifax is massive, with more information surfacing all the time. When something like this happens, we hear a lot of questions from concerned individuals, such as:
Posted on September 20, 2017

Cylance vs Malware Posing as a Sneaky Flash Installer

Thanks to the deluge of Crypto malware attacks recently, everyone in infosec has been VERY on edge about anything that pops in a quarantine. “Oh crap. What’d they hit? Where’s it going? What IS this?!” Unless you have Cylance.

Posted on July 28, 2017

10 Tips for Cybersecurity Professionals

Surviving as a professional in the cybersecurity realm is no easy task, but the need for more of us is ever-increasing.

Below are some tips and tools that you might find useful if cybersecurity has been entrusted to you.

Posted on April 26, 2017

CylancePROTECT vs RansomFree: Do You Get What You Pay For?

As an all-around nerd, not just a security nerd, I spend a lot of time checking out non security related blogs that involve a lot of technology. One in particular is Lifehacker.com. They usually have some pretty interesting blurbs about software or attacking a problem in a different way. Nothing too heavy, but still useful. 

Posted on February 09, 2017

TOP ARTICLES:

QUESTIONS?