The Infocyte Blog


Under the Hood of an MDR Company: an Exercise in Innovation [Video]

Running a successful EDR platform and MDR service is a never-ending pursuit to stay one step ahead of hackers. As threat actors find creative ways to attempt to circumvent our customers' defenses, we are constantly innovating to ensure we can detect and respond to security incidents quickly. Our founders Chris Gerritz and Russ Morris joined me…

Log4J/Log4Shells Exploit Analysis (CVE-2021-44228)

As a follow-up to our other blog post related to CVE-2021-44228, the Remote Code Execution (RCE) vulnerability affecting Apache Log4j, we wanted to go into analysis of a Log4Shell attack. Who is vulnerable? Basically, this vulnerability affects any Apache web server using vulnerable versions (2.11.0 – 2.14.1) of the log4j logger. The list of…

EDR vs. MDR Services: Which is Right for You?

Cybersecurity is a topic that keeps many business executives, managers, and IT directors up at night, and with good reason. The average cost of a breach in 2021 is estimated at $4.24 million! As information technology grows in sophistication, so do cyber threats. This week, for example, the Apache Log4j vulnerability has sent security teams…


Log4J Exploit Detection (CVE-2021-44228)

This post was last updated on December 22nd, 2021 at 11:59 am.

UPDATED: 12/22 – Added new detection logic to mitigate common obfuscation tactics. De-emphasized mitigation procedures which no longer help. If you are reading this then I assume you have already heard about CVE-2021-44228, the Remote Code Execution (RCE) vulnerability affecting Apache Log4j, the Java…

Ransomware Detection: How Infocyte Uses the CISA Ransomware Guide

This post was last updated on December 9th, 2021 at 11:14 am.

Large organizations and middle-sized businesses dread the ransomware plague as it can paralyze day-to-day operations and expose confidential information to the public. Most organizations have taken some steps toward protecting their business through ransomware detection and protection, but is it enough? The Cybersecurity and…

Managed Detection and Response 101 [Video]

Cyberattacks are at an all-time high. Ransomware is all over the news, and killware is the next big fear. Hackers are growing more competent at detecting gaps and loopholes in corporate security systems. They can obtain access to secured files and data as technology advances, creating a serious cybersecurity concern. Cybercriminals target organizations with some…


How an MSSP successfully fought off a major cyber attack

This post was last updated on November 19th, 2021 at 03:27 pm.

Here at Infocyte, we are helping our customers and partners respond to major attacks on almost a weekly basis. When I say attack, I don’t mean an antivirus notification about a bad file that a user inadvertently downloaded. The attacks I am talking about…

How Can State and Local Municipalities Protect Themselves from Ransomware?

This post was last updated on November 3rd, 2021 at 09:54 am.

The extent of ransomware attacks among government entities was especially revealed when the world, particularly the US, was countering the pandemic. It’s now clear that cybercriminals might continue halting delivery of essential services unless state and local municipalities do something to end the ransomware…

Five MDR Service Principles to Reduce Risk in Mid-Sized Enterprises

This post was last updated on November 1st, 2021 at 04:04 pm.

If you are responsible for IT security for an organization with fewer than 2,500 employees and the “core” Microsoft security, you might think that hackers have bigger fish to fry and won’t set their sights on you. That line of thinking is risky. As…

Top 20 Most Common Hacker Behaviors

This post was last updated on August 27th, 2021 at 03:59 pm.

The top MITRE ATT&CK™ behaviors to monitor for on your endpoints and servers. When the OWASP Top 20 Vulnerabilities was first published it revolutionized our industry’s approach to vulnerability management. Instead of playing whack-a-mole with thousands of individual vulnerabilities every time a new one…