Avertium Resources | Managed Security Services & Consulting Provider

Blog | Dec 2, 2021

Flash Notice - Wormable Security Vulnerability Found in Several HP Printer Models

Cyber security researchers have discovered two vulnerabilities, now named Printing Shellz, that affect 150 different HP multifunction printers.

Learn More

Blog | Dec 1, 2021

Flash Notice - Windows Zero-Day 'InstallerFileTakeOver' Vulnerability Allows Unauthorized Users to Become an Admin

During Patch Tuesday, Microsoft fixed a zero-day Windows vulnerability. However, the patch was bypassed and led to a new privilege elevation vulnerability named ‘InstallerFileTakeOver’.

Learn More

Blog | Nov 19, 2021

Flash Notice - APT Group Exploits FatPipe Zero-Day Vulnerability for 6 Months

The FBI issued a notice yesterday warning that APT has been exploiting a zero-day vulnerability in FatPipe’s router clustering and load balancer products.

Learn More

Blog | Nov 19, 2021

Flash Notice - Emotet Botnet is Back with New Spam Campaigns

Last seen in January 2021, after law enforcement took them down, Emotet is back & is using TrickBot to install Emotet malware on infected Windows systems.

Learn More

Blog | Nov 17, 2021

Flash Notice - BotenaGo Botnet Could Affect Millions of Routers & IoT Devices

A new botnet named BotenaGo has been seen in the wild targeting a number of IoT devices & routers. BotenaGo can exploit up to 30 different vulnerabilities.

Learn More

Threat Report | Nov 16, 2021

Everything You Need to Know About HIVE Ransomware

Hive ransomware is known for attacking healthcare facilities but has recently decided to make an even bigger name for themselves by attacking retail.

Learn More

Ebook | Nov 15, 2021

Creating a Business-First Incident Response Plan

Breaches are no longer a simple ransom to be paid. The ripple effect that follows an attack can leave a long-lasting impact if your company is not prepared.

Learn More

Threat Report | Nov 11, 2021

TIR-20211004 An In-Depth Look at Ransomware Gang, Conti

A Russian-speaking RaaS organization, Conti uses RaaS to deploy disruptive ransomware attacks that target critical infrastructures.

Learn More

Threat Report | Nov 10, 2021

Stay Vigilant With Cybersecurity During the Holidays

Experts warn to stay vigilant with cybersecurity during the holidays, as there will be no shortage of attacks during the 2021/2022 holiday season.

Learn More

Blog | Nov 9, 2021

Flash Notice - Philips TASY EMR Vulnerabilities Could Cause Patient Data Breach

On November 5, 2021, Philips advised their customers of two security vulnerabilities that may cause a patient data breach in their TASY EMR HTML5 system.

Learn More

Blog | Nov 4, 2021

Avertium Joins the Microsoft Intelligent Security Association

Avertium, a cybersecurity services partner, joins the Microsoft Intelligent Security Association (MISA).

Learn More

Threat Report | Nov 3, 2021

The Resurgence of Russian Threat Actor, NOBELIUM

Recently, NOBELIUM has been seen making their rounds again, but this time their focus has shifted to software and cloud service resellers.

Learn More

Threat Report | Oct 29, 2021

The Top 5 Cyber Threats in the Healthcare Industry

The healthcare sector should be the last industry cyber criminals attack, but no exceptions are made when threat actors are looking to make money.

Learn More

Blog | Oct 26, 2021

CIOReview Awards Avertium – Security You Can Trust

CIOReview awards Avertium as 2021's " Most Promising Enterprise Security Solution Providers".

Learn More

Blog | Oct 22, 2021

Cyber Insurance - Is Advanced Protection Worth it?

Learn more about cyber insurance by understanding what it provides, how to pick a plan, and how it could save your organization in case of a breach.

Learn More

Threat Report | Oct 12, 2021

TIR-20211011 DDoS Attacks & The Meris Botnet

A DDoS attack is a disruption to internet-based services that can make any internet connected machine unavailable to perform its intended purpose.

Learn More

Blog | Oct 8, 2021

American Hospital Association + Avertium Emphasize the Growing Need for Cybersecurity in Healthcare

Avertium worked with LogRythm and the American Hospital Association to create an eBook meant for healthcare and its ever-growing need for cybersecurity.

Learn More

Blog | Oct 7, 2021

Third-Party Supply Chain Risk - Valuable Partners or Potential Threats?

Your organization's supply chain could serve as an entry point for threat actors. Learn how to manage potential threats that may arise from your vendors.

Learn More

Blog | Oct 6, 2021

Flash Notice - Apache Fixes Zero-Day Vulnerability on Airflow Servers

Researchers from Intezer published details about two Apache Airflow Server vulnerabilities that are being tracked as CVE-2021-41773.

Learn More

Whitepaper | Oct 5, 2021

How to Raise Your Healthcare Organization’s Game to Combat Cybercriminals

The American Hospital Association teamed up with Avertium in order to cultivate expert-based knowledge that could help you prevent an attack on your hospital.

Threat Report | Sep 28, 2021

TIR – 20210920 T-Mobile and BlackBerry - Why Waiting to Inform May Cost You

Both T-Mobile and BlackBerry faced scrutiny after they failed to promptly inform customers of software vulnerabilities that affected millions of people.

Learn More

Blog | Sep 27, 2021

Avertium Named to MSSP Alert’s Top 250 MSSPs List for 2021

The list identifies the top MSSPs, managed detection and response (MDR) and Security Operations Center as a Service (SOCaaS) providers worldwide.

Learn More

Blog | Sep 24, 2021

Flash Notice - Critical VMware vCenter Server Flaw

VMware released a statement detailing how Internet-exposed vCenter servers are actively being targeted by attackers.

Learn More

Blog | Sep 23, 2021

Flash Notice - Microsoft Azure OMIGOD Vulnerability

The researchers at Cloud security company, Wiz, disclosed a new vulnerability, OMIGOD, that affects Microsoft Azure.

Learn More

Ebook | Sep 21, 2021

Why the Time is Now for CISOs to Advocate for Cybersecurity

In this current moment of data breaches...CISOs have an opportunity to position cybersecurity investment as the path to innovation - not a blocker.

Learn More

Blog | Sep 20, 2021

T-Mobile Data Breach Review: 40 Million Customers Compromised

On August 17th, 2021, a ransomware attack caused a T-Mobile data breach, compromising over 40 million people’s PII. Here's what you need to know.

Learn More

Webinar | Sep 15, 2021

Appgate: Practical Steps to Deploying Zero Trust Network Access

Learn about Zero Trust Network access fundamentals, the benefits of ZTNA, and the challenges you might encounter as you make the shift to a ZTN model. Part 2 of a 3-part series.

Watch Now

Webinar | Sep 15, 2021

Scaling Remediation in the Face of Competing Priorities

Learn how you can leverage NIST CSF to scale a vulnerability management program and accelerate your remediation efforts.

Watch Now

Webinar | Sep 15, 2021

Remote Workforce + Data Breach: A Perfect Storm

With companies having to quickly pivot to a remote workforce, it's important to adapt your incident response (IR) plan, data privacy procedures, and more.

Watch Now

Webinar | Sep 15, 2021

Appgate: When “Trust but Verify” isn’t enough.

Learn about Zero Trust Network access fundamentals, the benefits of ZTNA, and the challenges you might encounter as you make the shift to a ZTN model.

Watch Now

Webinar | Sep 15, 2021

New Techniques to Strengthening Threat Detection and Response

Learn about the role of a SIEM in a ZTNA approach to cybersecurity.

Watch Now

Webinar | Sep 15, 2021

Key Shifts in Identity Management and Governance

Webinar discussing key shifts in identity management and governance - providing adjustments and tools to prepare for getting back to onsite work patterns.

Watch Now

Webinar | Sep 15, 2021

Zero Trust: Fast-Tracking Security in the New Work Anywhere Norm

Recent world events (COVID-19) have fundamentally changed the way organizations enable employees and provide them access to critical applications and data.

Watch Now

Webinar | Sep 15, 2021

Rising Ransomware Attacks, the Advent of XDR, & What it Means for the Future of Threat Detection and Response

Highlighting security challenges (and more) for companies that operate in multi-cloud environments, having a highly interconnected supply chain that must now accommodate a hybrid workforce model.

Watch Now

Webinar | Sep 15, 2021

Securing Remote Workers; Fact & Fiction

Webinar providing tips on how to secure your company network, endpoints and remote workers in a remote working model.

Watch Now

Webinar | Sep 15, 2021

How to Implement a Risk-Based Strategy for "Killer" Threat Hunting Programs

Learn the elements of a threat hunting program, how to utilize NIST CSF and the Enterprise ATT&CK framework, and review recent ransomware case studies.

Watch Now

Ebook | Sep 15, 2021

Everything You Need to Know to Create An Effective Incident Response Plan

Creating an effective response plan specific to your business is the best way to ensure you are ready to mitigate the effect of a cyberattack. Learn how.

Learn More

Guide | Sep 15, 2021

Strengthening Cybersecurity with Consensus: How to Build Positive Board Relationships

For CISOs looking to strengthen their cybersecurity posture, board buy-in is a helpful ally. This free guide details tangible action steps that CISOs can take.

Learn More

Guide | Sep 15, 2021

8 Steps to Take if You've Been Breached

When it comes to a security breach, fast detection, mitigation and response are vital for reducing impact. This guide gives a formal, methodical approach.

Learn More

Infographic | Sep 15, 2021

5 Ways to Prevent Ransomware

Avertium offers five ways for your security team to prevent ransomware.

Learn More

Guide | Sep 15, 2021

6 Steps to Implementing a Zero Trust Network

This guide offers the 6 steps to implementing a zero trust network (ZTN) cybersecurity strategy to protect against cyber threat and improve your program.

Learn More

Whitepaper | Sep 15, 2021

Security Operations Maturity Model (SOMM)

Avertium and LogRhythm explain SIEM pricing models and educate SIEM buyers on how to mitigate security and financial risks associated with business growth.

Ebook | Sep 15, 2021

7 Metrics to Measure the Effectiveness of Your Security Operations

Avertium and LogRhythm explain metrics to measure the effectiveness of your security operations (SecOps) to detect and respond to cybersecurity events.

Learn More

Whitepaper | Sep 15, 2021

Budgeting for a Modern SIEM

Avertium and LogRhythm explain SIEM pricing models and educate SIEM buyers on how to mitigate security and financial risks associated with business growth.

Guide | Sep 15, 2021

Essential Guide to HIPAA Compliance

A complete guide to help you understand HIPAA compliance and the HIPAA Privacy, Security and Breach Notification Rules.

Learn More

Whitepaper | Sep 15, 2021

HIPAA Privacy During a COVID-19 Outbreak Re-Occurrence

Learn how to stay HIPAA compliant with the Privacy Rule and OCR Notifications of Enforcement Discretion during a COVID-19 pandemic outbreak re-occurrence.

Webinar | Sep 15, 2021

HIPAA Compliance in a Pandemic

Join the CEO of Avertium, Jeff Schmidt, for a discussion on the implications the pandemic has and will continue to have on HIPAA compliance.

Watch Now

Ebook | Sep 15, 2021

9 Steps to Manage Third-Party Information Security Risk

9 essential steps to managing third-party vendor risk that every information security professional can adopt for their organization.

Learn More

Whitepaper | Sep 15, 2021

The Risky Business of SaaS + Hybrid Cloud and What to do about it

Securing Your SaaS and Hybrid Cloud Solutions white paper examines opportunities, risks and best practices to integrate cloud into your security posture.

Whitepaper | Sep 15, 2021

4 Trending Phishing Techniques and Tips for Detection

Avertium teams up with LogRhythm to explain trending phishing techniques and gives tips for detecting phishing attacks using SIEM technology.

Whitepaper | Sep 15, 2021

Guide to Selecting an MSSP or In-house Solution

A complete guide to help you decide on whether to manage your SOC in-house or use an MSSP.

Whitepaper | Sep 15, 2021

Threat-Based Security at the Intersection of MITRE ATT&CK and NIST CSF

Examine how to use the NIST CSF in conjunction with MITRE ATT&CK to help define and enact threat-based cybersecurity and break the intrusion kill chain.

Whitepaper | Sep 15, 2021

Building an XDR Solution: Factors You Ought to Consider for ZTNA, EDR, Vulnerability Scanning and SIEM

White paper on building an XDR solution with ZTNA, EDR, vulnerability scanning and SIEM technologies and the factors you should consider for each.

Whitepaper | Sep 15, 2021

XDR is Not Only About Technology and Why this Matters

Learn why XDR is more than technology in order to achieve a proactive and more mature security posture.

Webinar | Sep 15, 2021

Navigating Cybersecurity & Managing Data Breach Risks

Webinar providing tips on how to secure your company network, endpoints and remote workers in a remote working model.

Watch Now

Webinar | Sep 15, 2021

5 Essential Steps to Creating a Relevant Incident Response Plan

Incident response templates are readily available online but how well do they work for your company's specific policies, procedures, and workflows?

Watch Now

Checklist | Sep 15, 2021

The Ultimate Incident Response Plan Checklist

A cybersecurity incident response plan for a data breach takes thoughtful planning. Learn what's needed with this incident response (IR) planning checklist.

Learn More

Ebook | Sep 15, 2021

Ransomware Trends in 2021

Learn More

Ebook | Sep 14, 2021

Leveraging Zero Trust Architecture to Contain & Combat Ransomware

Gain visibility on who's on your network by signing up to download our free eBook discussing how you can contain ransomware utilizing Zero Trust.

Learn More

Threat Report | Sep 14, 2021

TIR-20210913 TEAMTNT – “CHIMAERA” CRYPTOMINING MALWARE CAMPAIGN TARGETS SERVERS

TeamTNT released a new campaign known as "Chimaera" meant to cryptomine malware and is actively targeting several operating systems and applications.

Learn More

Blog | Sep 9, 2021

An In-Depth Look at Ransomware Gangs, LockFile and LockBit 2.0

Ransomware gang attacks have been the talk of the year with the most recent attacks being from LockFile and LockBit 2.0.

Learn More

Blog | Sep 9, 2021

Flash Notice – Microsoft Issues Warning for Remote Code Execution Vulnerability

A statement has been released by Microsoft warning users of a remote code execution vulnerability in Office 365 and Office 2019 on Windows 10.

Learn More

Blog | Aug 24, 2021

Threat Actor Profile – “BlackMatter”

First reported by The Record, BlackMatter began making its presence known as a ransomware-as-a-service (RaaS) gang in July 2021.

Learn More

Blog | Aug 18, 2021

Beware of Clever Email Phishing Campaigns

Phishing campaigns are a tried-and-true method for retrieving data, but certain email campaigns can be difficult to filter.

Learn More

Blog | Aug 13, 2021

Flash Notice – The PrintNightmare Continues

These disappointing developments coincide with reports of ransomware groups exploiting the PrintNightmare family of vulnerabilities in the wild.

Learn More

Blog | Aug 10, 2021

XDR: Tech Stack, Service, Process, or All Three?

What is eXtended Detection Response (XDR)? Is it a process, a tech stack, or a service? How does it differ from MDR and EDR?

Learn More

Blog | Aug 3, 2021

Microsoft Exchange Server Breach is Formally Attributed to China by the U.S

The extensive breach of Microsoft Exchange Server early this year has been formally attributed to China by the United States & several allies.

Learn More

Blog | Aug 3, 2021

President Biden’s Executive Order on Cybersecurity: What it does & What it doesn’t do

The growing need for cybersecurity has brought onto a new executive order. Read more to learn about what this means and where it falls short.

Learn More

Blog | Jul 28, 2021

A Zero Trust Network Architecture (ZTNA) POV with Appgate

As Zero Trust becomes more relevant, Appgate x Avertium leads the way in accelerating the customer's Zero Trust journey.

Learn More

Blog | Jul 22, 2021

July 4th Post Mortem on PrintNightmare and REvil

The latest noteworthy exploit leveraged a vulnerability in Microsoft’s Print Spooler Service to target IT Solutions company, Kaseya.

Learn More

Blog | Jul 16, 2021

Flash Notice: SonicWall Warns of Imminent Ransomware Attack Against EOL Products

SonicWall has released an urgent security bulletin to their customers using unpatched, end-of-life Secure Mobile Access 100 series and Secure Remote Access products.

Learn More

Blog | Jul 7, 2021

Summary of the International Institute for Strategic Studies’ Nation-State Cyber Power Assessment

A recent study, conducted by the International Institute for Strategic Studies, assessed the cyber power of 15 different nation-states.

Learn More

Blog | Jul 1, 2021

CobaltStrike Overview

This report is about the use of the well-known tool CobaltStrike in adversarial campaigns, CobaltStrike dates all the way back to 2016.

Learn More

Blog | Jul 1, 2021

PrintNightmare – Unpatched remote code execution vulnerability in default windows print spooler service

The PrintNightmare scenario continues to unfold as security researchers around the globe work to better understand how to detect and mitigate this critical vulnerability.

Learn More

Blog | Jun 28, 2021

Attack Surface Management vs. Vulnerability Management

Today's attack surface management extends beyond your physical IT assets, now encompassing your entire digital footprint, and vulnerability management focus on software and code-based variabilities.

Learn More

Blog | Jun 25, 2021

Flash Notice: Avertium Detects Increase in “Stolen Images” Phishing Campaign

Avertium security teams have detected an uptick in “Stolen Images” phishing emails. This campaign accuses the email recipient of using...

Learn More

Blog | Jun 23, 2021

APT38 Threat Actor Profile

This report is a threat actor profile on APT38. APT38 is a nation-state level threat group associated with the North Korean regime.

Learn More

Blog | Jun 15, 2021

REvil Ransomware Overview

This is a Threat Actor Profile on REvil, a RaaS syndicate. Most recently, the REvil ransomware group was connected to the attack on the JBS Meat Company.

Learn More

Threat Report | Jun 8, 2021

Cyber Espionage & Data Exfiltration attack results from 3-year old backdoor

This report is an overview of live espionage and data exfiltration resulting from a previously unknown backdoor that flew under the radar for over 3 years.

Learn More

Blog | Jun 2, 2021

New NOBELIUM Campaign focuses on phishing

This report is about a new malware campaign by a foreign adversarial nation-state threat actor recently being referred to as NOBELIUM.

Learn More

Blog | May 26, 2021

Flash Notice: VMware discloses critical vCenter server vulnerabilities

On May 25, 2021, VMware released a new critical security advisory, VMSA-2021-0010 (CVE-2021-21985 & CVE-2021-21986), affecting vCenter Server 6.5, 6.7, and 7.0.

Learn More

Blog | May 26, 2021

Examining the relationship between Vulnerability Announcements & the increase in attacks until mitigated

This report discusses the relationship between the time a new vulnerability is announced & the increase in attacks against it until patched.

Learn More

Blog | May 21, 2021

You're Secure - But are Your Vendors? Assessing Third Party Risk

With 3rd Party Risk in Cybersecurity, security teams can focus on more than just what to do AFTER an attack happens - remediation and containment.

Learn More

Blog | May 18, 2021

Malware Campaign utilizes Microsoft Executable MSBuild

This report is about a malware campaign using a well-known Microsoft executable called MSBuild to propagate in a file-less manner.

Learn More

Blog | May 18, 2021

Avertium Named Winner in the Coveted Global InfoSec Awards 2021

Avertium Wins “Next-Gen in Managed Security Service Provider (MSSP)” In 9th Annual Global InfoSec Awards at #RSAC 2021

Learn More

Blog | May 14, 2021

FiveHands Ransomware Overview

This report is an overview of the FiveHands Ransomware variant that successfully attacked an organization (CISA release date May 6, 2021).

Learn More

Blog | May 11, 2021

Avertium, Med Tech Solutions, and LIFARS announces Security Alliance delivering comprehensive, Always-On Cloud Security for Healthcare Organizations

Three-way partnership creates the first solution combining managed cloud services, managed SOC, & incident response for the healthcare industry.

Learn More

Blog | May 10, 2021

Reducing ransomware risk in Healthcare

The impacts of the global pandemic have put the healthcare industry at the top of the list for ransomware threats.

Learn More

Blog | May 6, 2021

Overview of the BadAlloc Vulnerabilities

This report is an overview of a series of vulnerabilities discovered by Microsoft’s Section 52 research team, labeled “BadAlloc”.

Learn More

Blog | May 5, 2021

Dell BIOS Driver Privilege Escalation Flaws

Hundreds of millions of Dell Computers (desktops, laptops, notebooks, and tablets), could be vulnerable to a BIOS Driver Privilege Escalation Flaw.

Learn More

Blog | Apr 27, 2021

Exploitation Campaign by two threat actor groups affects pulse secure

The Pulse Secure vulnerability CVE-2021-22893 affects the following software releases: PCS 9.0R3/9.1R1 and higher.

Learn More

Blog | Apr 21, 2021

The Rise of RaaS Gangs + What You Need to Know

As we move into 2021, ransomware attacks continue to rise and are increasingly executed through Ransomware as a Service (RaaS) gangs. Learn more.

Learn More

Threat Report | Apr 20, 2021

Clop Ransomware (TIR-20210419)

This report discusses Clop ransomware; it was discovered in February of 2019 and a recent increase in Clop attacks has been noticed by cybersecurity researchers.

Learn More

Blog | Apr 13, 2021

Phishing Campaign targets the Medical Research community

This report is about a well-known threat targeting the medical research community in both the United States and Israel.

Learn More

Blog | Apr 8, 2021

Does CMMC Immunize You to Ransomware?

Does CMMC immunize you to ransomware? Let's find out and discuss not only the requirement but also some of the perceived benefits of implementing such a framework.

Learn More

Blog | Apr 7, 2021

Two Vulnerabilities affect FireEye EX 3500

This report is about two vulnerabilities affecting FireEye EX 3500. The vulnerabilities are identified as CVE-2021-28970 and CVE-2021-28969.

Learn More

Threat Report | Mar 30, 2021

Overview of the Crypter-as-a-Service: HCrypt

Learn More

Blog | Mar 22, 2021

Zoom Screen-Sharing Vulnerability displays Unauthorized Information

A vulnerability discovered in Zoom may allow users in the meeting to see information on a screen-share that they weren't authorized to view.

Learn More

Blog | Mar 15, 2021

Three recently reported Azure LoLBins help attackers evade detection

This report spotlights three recent Azure Living-off-the-land binaries (LoLBins) that could be used by attackers to evade detection.

Learn More

Blog | Mar 11, 2021

Operation Exchange Marauder: Mass exploitation of Microsoft Exchange

On March 2, 2021, Microsoft released a series of emergency security patches for Exchange Server 2019, 2016, 2013, and 2010 in order to combat several vulnerabilities.

Learn More

Blog | Mar 9, 2021

Growing Cybersecurity Company announces Chief Revenue Officer to Support Expansion

Today, Avertium announced the appointment of Ben Masino as the company’s Chief Revenue Officer (CRO).

Learn More

Blog | Mar 8, 2021

DarkSide Ransomware Overview

DarkSide ransomware is a Ransomware-as-a-Service (RaaS), primarily targeting Windows systems with the ability to target Linux OS variants.

Learn More

Blog | Mar 5, 2021

To CMMC & Beyond: What you can do today to prepare for CMMC tomorrow

The Cybersecurity Maturity Model Certification (CMMC) is coming–whether you’re ready or not. Today it’s primarily meant for the Department

Learn More

Threat Report | Mar 1, 2021

Threat Report: New Variant of MassLogger Trojan Malware targets Microsoft Outlook & Google Chrome

This report is about recent malware campaigns utilizing the MassLogger trojan (written in . NET) that is targeting popular applications.

Learn More

Blog | Feb 22, 2021

New Phishing Campaign uses Morse Code to avoid detection

This report is about a new phishing campaign that uses a unique method of obfuscation to avoid detection by traditional security appliances.

Learn More

Blog | Feb 15, 2021

Severe Windows Vulnerabilities impact Windows Client & Server OS Versions 7 and Above

This report is about three high severity Windows TCP/IP vulnerabilities tracked as CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086.

Learn More

Blog | Feb 9, 2021

Vovalex Ransomware (TIR-20210207)

Vovalex ransomware is the first ransomware written in D language and the first to be distributed through pirated software that masquerades as legitimate software such as various Windows utilities.

Learn More

Blog | Feb 9, 2021

How can you leverage your SIEM as part of your Zero Trust strategy?

A well-designed SIEM can provide the level of deep visibility required to ensure that the user remains trustworthy throughout the user’s cycle

Learn More

Blog | Feb 3, 2021

Heap-Based Buffer Overflow Vulnerability Discovered in Sudo (TIR-20210131)

This report is regarding a recently discovered heap-based buffer overflow vulnerability within the widely used Sudo utility.

Learn More

Blog | Jan 24, 2021

Recent additions to TeamTNT Malware Campaign on Cloud Environments

This report is about the recent additions to the TeamTNT malware campaign to infect cloud environments and it is updated to capture AWS IAM user details more effectively.

Learn More

Blog | Jan 6, 2021

New Golang Worm targets MySQL, Jenkins, Oracle WebLogic and other public services

Threat report on the new malware Golang Worm which is targeting services such as MySQL, Jenkins, and Oracle WebLogic.

Learn More

Blog | Jan 6, 2021

Zyxel Firewall Backdoor Vulnerability CVE-2020-29583

This outlines the TTP for the Zyxel Firewall backdoor vulnerability CVE-2020-29583. It also provides mitigation recommendations.

Learn More

Threat Report | Dec 28, 2020

Multiple Dell ThinOS Vulnerabilities

This threat report is about the multiple Dell Wyse ThinOS vulnerabilities, the techniques, tactics and procedures and how to remediate them.

Learn More

Blog | Dec 28, 2020

What is Mobile App Testing?

What is Mobile App Testing? Cybersecurity specialists utilize an assortment of tests and techniques to screen for vulnerabilities in order to evaluate the security of a mobile app.

Learn More

Threat Report | Dec 24, 2020

Threat Report: SunBurst Backdoor and Malware Campaign

This report is about the recently disclosed SunBurst backdoor and the related malware campaign.

Learn More

Threat Report | Dec 18, 2020

Threat Report: SolarWinds Orion Compromise Guidance

This report outlines the TTPs of the SolarWinds Orion compromise and recommended steps to identiy and mitigate known exposure.

Learn More

Blog | Nov 16, 2020

PyXie distributing ransomware tools targeting Healthcare, Education, Government and Technology companies

This threat report is about bad actor PyXie Group's ransomware tools targeting various sectors including healthcare, education, government, and technology.

Learn More

Blog | Nov 10, 2020

What you need to know about Telemedicine, HIPAA Compliance and the Pandemic

What you need to know about evolving telemedicine policies and HIPAA compliance during this pandemic.

Learn More

Blog | Nov 3, 2020

Multiple Oracle WebLogic Server Vulnerabilities Remotely Exploitable without Authentication

This threat report is about the Oracle WebLogic Server vulnerabilities and the patches available.

Learn More

Blog | Oct 30, 2020

3 Scary Stories of Data Breach Disasters

3 data breach stories that could happen to any company and that could've been preventable.

Learn More

Threat Report | Oct 30, 2020

Ryuk is Back and Actively Targeting U.S. Healthcare Organizations

Threat actors operating Ruyk are back and targeting U.S. -based hospitals. Here's how you can protect your company against the threat actors.

Learn More

Blog | Oct 27, 2020

TeamTNT Attacks Cloud Environments

TeamTNT attacks cloud environments with Weave Scope. This report describes the tactics, techniques, and procedures used and how to defend against them.

Learn More

Blog | Oct 27, 2020

What Is Security Orchestration, Automation and Response (SOAR)?

Security orchestration, automation, and response (SOAR) automates and accelerates security operations, analytics and reporting.

Learn More

Blog | Oct 22, 2020

We have an MDR...do we still need a SIEM?

Explains what MDR and SIEM are, and how they can work together to provide you with a superior cybersecurity solution.

Learn More

Blog | Oct 20, 2020

Culture of Collaboration: Fanatical Testing and Instrumentation

Culture of Collaboration: Fanatical Testing and Instrumentation. We can use this idea to develop organizational controls and processes to prevent, detect, respond to and recover from cyber-attacks.

Learn More

Blog | Oct 20, 2020

Translating Paper into Trust

Translating Paper into Trust: Edward Vasko explains how collaboration can lead to security controls tailored to minimize their impact on job performance.

Learn More

Blog | Oct 20, 2020

Why (and How) Company Leadership should create a culture of Security Collaboration

The goal is to balance security risks against business objectives and develop sensible controls that reduce the biggest risks with minimal impact on job performance.

Learn More

Blog | Oct 20, 2020

Understanding Personal Data Privacy Compliance Obligations to protect your customers, partners and employees

Due to the many personal data privacy compliance requirements and non-compliance sanctions, organizations should understand regulations.

Learn More

Blog | Oct 19, 2020

SonicWall Vulnerability may allow denial of service attack

This is a threat report about a critical SonicWall vulnerability tracked as CVE-2020-5135 that can allow a Denial of Service attack.

Learn More

Blog | Oct 15, 2020

What Is Extended Detection and Response (XDR) and why is it gaining momentum as a security solution?

Learn what extended detection and response is and how XDR is evolving into the successor to end-point detection and response (EDR) solutions.

Learn More

Blog | Oct 14, 2020

What Is MITRE ATT&CK and how is it being used?

This article answers the question, What is MITRE ATT&CK? and explains ways to use ATT&CK daily to protect your environment against adversarial TTPs.

Learn More

Blog | Oct 13, 2020

Backdoor targets Content Management Systems (CMS)

This report describes the tactics, techniques, and procedures for backdoor malware with shell capability and targets content management systems.

Learn More

Blog | Oct 12, 2020

Content Management System malware attack drops Backdoor Shell

This threat report is about a content management system (CMS) malware that attacks using a backdoor with a shell capability.

Learn More

Blog | Oct 11, 2020

Latest Phishing Campaign lures Defense and Aerospace Workers with Fake Job Offers

This report outlines the latest phishing campaign targeting defense and aerospace workers and how to protect against it.

Learn More

Blog | Oct 8, 2020

Threat Focus: What is Ransomware-as-a-Service?

This post answers "What is ransomware-as-a-service?" and explains how the cybersecurity threat is evolving and ways to protect your business.

Learn More

Blog | Oct 7, 2020

Avertium Named to the MSSP Alert Top 250 MSSPs List

Avertium named to MSSP Alert's 2020 Top 250 MSSPs list. This is the second consecutive year that Avertium has been included.

Learn More

Blog | Oct 6, 2020

What every Cybersecurity Pro should understand about Insider Threats

Understand insider threats - both malicious and accidental - since they are prevalent, yet often an avoidable type of cybersecurity threat.

Learn More

Blog | Oct 5, 2020

Ryuk Ransomware's Increased Activity Targets Large Organizations Using Windows OS

This report is an overview of the Ryuk ransomware and contains actionable intelligence for understanding and protecting against the malware threat.

Learn More

Blog | Oct 1, 2020

Malware, Ransomware, and Phishing Attacks: What are they and what're the differences?

What is the difference between ransomware, phishing & malware attacks? Read to learn more about each type of attack and how they differ from each other.

Learn More

Blog | Sep 29, 2020

What Software Companies looking to develop for the Healthcare Industry need to know

Many software companies looking to develop for the healthcare industry are unaware they must be HIPAA compliant. Learn more.

Learn More

Blog | Sep 28, 2020

Cisco Aironet APs vulnerability risks DoS

This threat report is about a vulnerability recently discovered in Cisco Aironet Access Points (APs) known as CVE-2020-3560.

Learn More

Blog | Sep 24, 2020

Zero Trust Beyond VPN Replacement: Earning the Most Value for Your Investment

Learn about zero-trust network access (ZTNA) beyond VPN replacement and how to realize the most value for your investment.

Learn More

Blog | Sep 23, 2020

Understanding the Difference Between an MSSP and MDR

The decision between MSSP vs. MDR should be based on specific factors. Learn how you can make the right choice for your organization. Read the blog.

Learn More

Blog | Sep 17, 2020

How Multi-Cloud Environments Expand Your Attack Surface and How to Manage and Reduce the Risk

Learn how multi-cloud environments expand your attack surface, best practices to manage and reduce the risk

Learn More

Blog | Sep 16, 2020

Avertium enhances LogRhythm expertise with acquisition of 1440 Security

Sunstone Partners-backed Avertium acquires national MSSP 1440 Security to enhance LogRhythm and advanced threat detection capabilities.

Learn More

Blog | Sep 15, 2020

How to Leverage Your SIEM to Detect and Respond to Ransomware

The key to detecting ransomware is laying the necessary groundwork first. Avertium explores how to leverage SIEM technology to respond to attacks.

Learn More

Blog | Sep 14, 2020

Palo Alto Firewall vulnerabilities discovered and patched

This threat report is about a series of Palo Alto firewall vulnerabilities in the software suite ranging in criticality.

Learn More

Blog | Sep 9, 2020

Why Enterprises are Adding Chief Privacy Officer to C-Level Leadership

Learn why the Chief Privacy Officer is needed for personal data privacy strategic decision making and why the CPO is here to stay.

Learn More

Blog | Sep 8, 2020

Assessing whether you need Virtual CISO (vCISO) Services, and what to expect

Learn if you need virtual CISO (vCISO) services for cybersecurity leadership to improve security and meet regulations and compliance.

Learn More

Threat Report | Sep 8, 2020

Financial Institutions Beware: New PyVil RAT targets you

This threat report is about a new remote access trojan (RAT) called PyVil that targets financial institutions and is by Evilnum.

Learn More

Blog | Sep 3, 2020

The Cybersecurity Talent Shortage: Myth or Truth?

Explore the myths and facts surrounding the cybersecurity talent shortage and what you can do about it with MSSP and consulting.

Learn More

Blog | Sep 1, 2020

Vulnerability Management: Is In-Sourcing or Outsourcing right for you?

Examine the different components of vulnerability management and when and where outsourcing makes sense to your program.

Learn More

Blog | Aug 31, 2020

WooCommerce vulnerabilities in WordPress plugin discovered

This threat report provides actionable intelligence about WooCommerce vulnerabilities discovered in Discount Rules in the WordPress plugin.

Learn More

Blog | Aug 27, 2020

Attributes of a robust Vulnerability Management Program

The attributes of a robust vulnerability management program that protects enterprises in a challenging security environment.

Learn More

Blog | Aug 25, 2020

What is a Vulnerability Assessment and Why is it Important?

Explore what a vulnerability assessment is and the importance of having a thorough analysis applied to your organization.

Learn More

Blog | Aug 24, 2020

MassLogger Malware

This threat report provides an overview of the MassLogger malware, the tactics, techniques and procedures, and what you can do to protect your organization.

Learn More

Blog | Aug 20, 2020

EDR vs. MDR: Which Threat Detection is Right for You?

This post explores using EDR vs. MDR for threat detection to protect against cybersecurity threats to help determine which is right for your organization.

Learn More

Blog | Aug 18, 2020

Is Artificial Intelligence (AI) in Cybersecurity the ultimate solution? Short Answer: No, and also Yes

This post provides an examination of artificial intelligence in cybersecurity for a more profound understanding of precisely what AI can and cannot do.

Learn More

Blog | Aug 17, 2020

Russian Drovorub malware affects Linux Systems

This threat report covers the Drovorub malware, which affects Linux systems and is attributed to the Russian military unit known as the GRU.

Learn More

Blog | Aug 13, 2020

Using Application Whitelisting to Stop Malware

This article explains the difference between whitelists and blacklists and explores using application whitelisting to stop malware.

Learn More

Blog | Aug 12, 2020

Netwalker Ransomware offered as Ransomware-as-a-Service creating increased prevalence

This threat report is about the NetWalker ransomware considered highly dangerous due to advanced anti-detection and persistence techniques.

Learn More

Blog | Aug 11, 2020

Make PCI Compliance Easier; Automate PCI DSS Requirement 11.2

Automating PCI DSS Requirement 11.2 using vulnerability scanning is the best way for a merchant or service provider to fulfill the mandate.

Learn More

Blog | Aug 6, 2020

Least Privilege: Minimizing Permissions to Improve Cybersecurity

Why least privilege through minimizing permissions and account separation is worth the resulting lowered exposure to cyberattacks.

Learn More

Blog | Aug 5, 2020

Ensiko Web Shell Infects Windows, Linux and MacOS Systems

This threat report provides actionable intelligence to protect against the Ensiko web shell that affects Windows, Linux, and MacOS systems.

Learn More

Blog | Aug 4, 2020

How to apply SOC 2 Type 2 Trust Services criteria to your business

This article explains the SOC 2 Type 2 Trust Service Criteria (TSC) for SOC audit reports and how to apply them to your business.

Learn More

Blog | Jul 30, 2020

Demystifying Zero Trust: What is Zero Trust Security, and how can it bolster your environment?

What is Zero Trust security? How can it bolster your information security environment? Learn if a zero trust security model is right for your organization.

Learn More

Blog | Jul 28, 2020

SOC Audit Report Basics: The What, Why, Who and How

Learn SOC audit report basics: What is a SOC audit report, what's the difference between a SOC 1, SOC 2 and SOC 3 report, Type 1 vs. Type 2, and more.

Learn More

Blog | Jul 27, 2020

SIGRed "Wormable" DNS Server vulnerability is critical to address

SIGRed, assigned as "wormable" DNS Server vulnerability may allow malicious actor Domain Administrator rights with devastating financial impact.

Learn More

Blog | Jul 20, 2020

Zoom Client for Windows Vulnerability recently discovered

Threat report about a newly discovered Zoom Client for Windows vulnerability that allows a remote attacker to execute arbitrary code on a victim’s computer.

Learn More

Blog | Jul 17, 2020

Why Root Cause Analysis is Crucial to Incident Response (IR)

Performing incident response root cause analysis can help your organization identify outlying factors that may have contributed to a data breach. Read more.

Learn More

Blog | Jul 15, 2020

How to write a Business Continuity Plan to fit your enterprise

How to write a business continuity plan to fit your business, including primary goals, what a BCP includes, and business continuity planning steps.

Learn More

Blog | Jul 15, 2020

Avertium adds Sophos 2020 MSP Partner of the Year, Americas to List of Partner Awards

Avertium Adds Sophos 2020 MSP Partner of the Year, Americas to List of Partner Awards

Learn More

Blog | Jul 13, 2020

Citrix Vulnerabilities: NetScaler ADC, NetScaler Gateway and SD-WAN WANOP

This threat report is about a series of Citrix vulnerabilities within Citrix ADC (NetScaler ADC), Gateway (NetScaler Gateway), and SD-WAN WANOP.

Learn More

Blog | Jul 9, 2020

Why Patch Management is Important for Cyber Security

This post explains strong patch management importance in cyber security, best practices, and how to implement a program that manages risk.

Learn More

Blog | Jul 7, 2020

What's New in HITRUST CSF Version 9.4 CMMC and NIST Mapping

Learn about the added HITRUST CMMC and NIST mapping aspects of this recently released HITRUST CSF version 9.4.

Learn More

Blog | Jul 6, 2020

Palo Alto PAN-OS Vulnerability with CVSS score of 10 issued

This threat report is about CVE-2020-2021, a newly discovered critical vulnerability in the Palo Alto PAN-OS and carries a CVSS score of 10.

Learn More

Blog | Jun 30, 2020

Am I ready for a PCI ROC?

This post answers PCI Report on Compliance (ROC) questions, help you determine if you're ready, and gives tips for doing a PCI readiness assessment.

Learn More

Blog | Jun 29, 2020

Cisco Webex Meetings Desktop App Vulnerability

This threat report is about a Cisco Webex Meetings Desktop App vulnerability referred to as CVE-2020-3263 with Cisco updates to remediate.

Learn More

Blog | Jun 25, 2020

Cloud Security Using Defense in Depth

Learn the argument for cloud security using defense in-depth, the challenges of implementing cloud cybersecurity, + how to protect your cloud environment.

Learn More

Blog | Jun 25, 2020

First HIPAA Risk Assessment? Here's how to be prepared

This article provides an introduction to HIPAA risk analysis and four things to remember when preparing for your first HIPAA risk assessment.

Learn More

Blog | Jun 23, 2020

Ransomware Prevention to Incident Response

This article covers ransomware prevention to incident response to help you protect against ransomware or recover from a ransomware attack.

Learn More

Blog | Jun 22, 2020

New FK_Undead Malware Modules

This threat report is about a set of new modules added to the FK_Undead malware and provides actionable intelligence to protect against this threat.

Learn More

Threat Report | Jun 19, 2020

Recent surge in two WordPress attacks

This threat report is about a surge in WordPress attacks using cross-site scripting (XSS) and the “wp-config.php” file and how to defend against them.

Learn More

Blog | Jun 17, 2020

10 factors for Cloud Security during selection and implementation

Cloud security during selection and implementation that considers data governance, data security, and remote workforce's usage of technology.

Learn More

Blog | Jun 16, 2020

Do I have to be PCI compliant?

This article offers PCI DSS information to help you answer, "Do I have to be PCI compliant?", explains the QSA's role and how to avoid heavy fines.

Learn More

Blog | Jun 11, 2020

Does HIPAA apply to me?

"Does HIPAA Apply to Me?" answers if your organization must be HIPAA compliant and how to adhere to HIPAA Rules for protected health information (PHI).

Learn More

Blog | Jun 10, 2020

VMWare Tools Vulnerability Allows Administrative Access

This threat report is about VMware tools vulnerability CVE-2020-3957 that can allow an attacker to gain administrative level privileges on a system.

Learn More

Blog | Jun 9, 2020

Password Spray Attack Q&A with a Penetration Tester

Learn from a pen testing expert about the password spray attack hackers use to gain account access and how to protect against this type of cyber attack.

Learn More

Blog | Jun 8, 2020

Ragnar Locker Ransomware New Evasion Technique

This threat report is about the Ragnar Locker ransomware and a new defense evasion technique using virtual machines and running VirtualBox in headless mode.

Learn More

Blog | Jun 3, 2020

PCI DSS business as usual: The pandemic proved why businesses should adhere

PCI DSS Business as Usual is the best way to ensure you're protecting credit card data as part of regular operations. The pandemic proved this. Learn how.

Learn More

Blog | Jun 2, 2020

Monitoring Telework Security with Disappearing Network Perimeters

Establishing ways of monitoring telework security with disappearing network perimeters, securing endpoints, and considering employee privacy is crucial.

Learn More

Blog | May 28, 2020

5 Considerations for writing New Remote Workforce Policies and Procedures

Writing new remote workforce policies and procedures for cybersecurity requires special considerations, which we explore in this article.

Learn More

Blog | May 27, 2020

3 differences in Incident Response for a new remote workforce

Explore incident response for a new remote workforce and how to prepare for an incident response team (IRT) answering to a security incident.

Learn More

Blog | May 27, 2020

Ramsay Malware targets Windows OS

This threat report is about Ramsay malware that targets Windows operating system hosts to steal valuable intelligence for espionage-related reasons.

Learn More

Blog | May 26, 2020

Gauging Risk Tolerance for Remote Workforce Security versus Privacy

As organizations adjust to and consider permanently adopting a telework model, they must consider the privacy vs. remote workforce security implications.

Learn More

Blog | May 21, 2020

The Importance of Identity Management and Governance for Telework Security

The importance of identity management and governance for telework security was revealed with the shift to telecommuting for pandemic response. Learn more.

Learn More

Blog | May 19, 2020

The Business Continuity Shift: Ensuring Telework Security

Ensuring telework security means going beyond most existing BCPs to address unprecedented considerations in protecting a majority virtual work environment.

Learn More

Blog | May 18, 2020

Critical Palo Alto firewall vulnerabilities identified

This threat report is about critical Palo Alto firewall vulnerabilities PAN-SA-2020-0005 PAN-OS, PAN-SA-2020-0006 PAN-OS, CVE-2020-2018, and CVE-2020-2005.

Learn More

Blog | May 14, 2020

10 Ways Using SIEM Technology can automate fulfilling HIPAA Regulations

SIEM technology can automate fulfilling HIPAA regulations to help healthcare organizations achieve compliance and improve their security posture. Learn how.

Learn More

Blog | May 12, 2020

Newly discovered SolarWinds MSP Vulnerability presents nation-state threat

This threat report is about a recently discovered SolarWinds MSP patch management engine (PME) vulnerability called CVE-2020-12608.

Learn More

Blog | May 12, 2020

Using MITRE ATT&CK Framework for Beyond-Checkbox Cybersecurity

Using the MITRE ATT&CK framework helps cybersecurity teams get insight into the tactics, techniques, and procedures adversaries use to compromise networks.

Learn More

Blog | May 7, 2020

4 Security precautions before reintroducing devices to the network

During the transition back to office environments, organizations should take these four security precautions before reintroducing devices to the network.

Learn More

Blog | May 6, 2020

Achieve Secure Cloud Adoption using HITRUST

We explain how using HITRUST to achieve secure cloud adoption helps assign responsibility for security controls between businesses and third-party vendors.

Learn More

Blog | May 5, 2020

3 things for HIPAA Compliance when returning to normal operations

Here are things your workers responsible for protecting the privacy of PHI at all times should do for HIPAA compliance when returning to normal operations.

Learn More

Blog | May 4, 2020

VMWare ESXI Vulnerability Allows Malicious Code Injection

Learn about CVE-2020-3955, a VMWare ESXI vulnerability caused by the improper validation of user-supplied inputs, and what to do to protect your business.

Learn More

Blog | Apr 30, 2020

Complying with HIPAA Encryption Standards: What you need to know

Successfully complying with HIPAA encryption standards to protect ePHI is expected by HHS. Learn what you need to do to be HIPAA compliant.

Learn More

Blog | Apr 28, 2020

Remaining PCI compliant while reopening following COVID-19

Businesses returning to normal operations and that handle credit cards must keep their eye on remaining PCI compliant while reopening following COVID-19.

Learn More

Blog | Apr 28, 2020

How to know if your MSSP is equipped to support you through a breach

It’s crucial your MSSP is equipped to support you in the case of a breach by being able to pivot from normal operations to incident response on your behalf.

Learn More

Blog | Apr 27, 2020

New Spear Phishing Attacks use fake O365 link to gain access

Avertium reports on new spear phishing attacks by a well-known threat actor involving a macro infested Word document using a fake Office 365 link.

Learn More

Blog | Apr 24, 2020

Why Pen Tests are key to a Robust Incident Response Plan

Security incidents are expensive and timely detection is key. You can develop a more relevant IR plan by assessing vulnerabilities through a pen test.

Learn More

Threat Report | Apr 21, 2020

Threat Report: APT41 using Speculoos to exploit Citrix Vulnerabilty

APT41 using Speculoos, a custom-coded backdoor trojan, to exploit a well-known Citrix vulnerability is dangerous for users. Learn why.

Learn More

Blog | Apr 21, 2020

CISO Advice: Operating to a Cybersecurity Gold Standard during crisis

CISO advice for ensuring your managed security service provider is protecting you and themselves by adhering to a cybersecurity gold standard.

Learn More

Blog | Apr 16, 2020

Community Bank Cybersecurity during COVID-19

Community bank cybersecurity has become even more difficult during COVID-19 due to the shift to a remote workforce and increased phishing scams. Learn more.

Learn More

Blog | Apr 14, 2020

How to protect workers from increased phishing attacks during COVID-19

Protect your workers from increased phishing attacks during COVID-19 by teaching them phishing scam indicators, creating a safe reporting culture, and more.

Learn More

Blog | Apr 13, 2020

CVE-2020-3952 VMWare vCenter Software Vulnerability

This report is about the CVE-2020-3952 VMWare vCenter software vulnerability caused by improper access controls affecting the VMware Directory Service.

Learn More

Blog | Apr 8, 2020

AT&T Cybersecurity names Avertium 2019 North American Partner of the Year

Avertium is named AT&T Cybersecurity's 2019 North American Partner of the Year. The award recognizes Avertium for outstanding growth in North America.

Learn More

Blog | Apr 8, 2020

Restaurants, Be Aware of PCI DSS Requirement 3.2 during COVID-19

Restaurants need to be aware of PCI DSS requirement 3.2 and how it relates to the new carry out and curbside business models spurred by COVID-19.

Learn More

Blog | Apr 7, 2020

3 Ways to stay PCI Compliant during the COVID-19 Pandemic

Businesses transitioning to support remote work environments to remain operational need to stay PCI compliant during the COVID-19 pandemic. Learn how.

Learn More

Blog | Apr 6, 2020

Stop using online collaboration tools until you read this

This article covers online collaboration tools security and explains the associated risks and best practices for protecting your workers.

Learn More

Blog | Apr 6, 2020

Zoom virtual meeting Vulnerabilities

This threat report covers Zoom virtual meeting vulnerabilities with potential for immense concerns, their potential impact and Avertium's recommendations.

Learn More

Blog | Apr 2, 2020

HIPAA Compliance during the COVID-19 Outbreak

HIPAA outlines special provisions for information sharing. We've outlined below the various scenarios in which the sharing of patient data without authorization is permissible.

Learn More

Blog | Mar 31, 2020

Cybersecurity tips for your remote workers

We've put together a list of cybersecurity tips for users who are working from home for the near to mid-term future as the world responds and takes measures to contain the spread of COVID-19.

Learn More

Blog | Mar 24, 2020

COVID-19 Phishing Scams to Watch For

Covid-19 phishing scams and other social engineering tactics exploiting this confusing time are surfacing. Watch for these to protect your organization.

Learn More

Blog | Mar 23, 2020

Latest Pawn Storm attack methods

An analysis of Pawn Storm aka APT28 aka Fancy Bear. It contains recommendations on how to prevent an attack in 2020.

Learn More

Blog | Mar 17, 2020

Avertium COVID-19 Preparedness and Response: An Open Letter from CEO Jeff Schmidt

An open letter from Avertium's CEO Jeff Schmidt to customers and partners regarding COVID-19 preparedness and response.

Learn More

Blog | Mar 16, 2020

Remote Workforce Security: 4 Best Practices

Four best practices for securing an expanding remote workforce during the COVID-19 pandemic.

Learn More

Blog | Mar 16, 2020

Vulnerability CVE-2020-0684 detected in Windows .LNK files

This report gives information about CVE-2020-0684 regarding a vulnerability that affects Windows .LNK files. Patching version included.

Learn More

Blog | Mar 9, 2020

Cybersecurity Spring Cleaning: 7 Steps for Critical Data Scanning

Cybersecurity spring cleaning should include critical data scanning using these 7 steps for data hygiene at least once a year. Learn more.

Learn More

Blog | Mar 9, 2020

ManageEngine Desktop Central, CVE-2020-10189

This threat report gives information about CVE-2020-10189 regarding a vulnerability the ManageEngine Desktop Central software. Patching version included.

Learn More

Blog | Mar 3, 2020

3 Reasons why you need a Human-Run Penetration Test

A human-run penetration test is a cybersecurity best practice that allows ethical hackers to proactively discover vulnerabilities for remediation.

Learn More

Blog | Feb 26, 2020

Avertium named to CRN MSP 500 Top 100 Security List for fourth consecutive year

Avertium, the national managed security and consulting provider, announced the company has been named to the CRN® 2020 MSP 500 Security 100 category.

Learn More

Blog | Feb 25, 2020

CVE-2020-1938, GhostCat Vulnerability

This threat report gives info. about CVE-2020-1938, or GhostCat, a vulnerability that affects the Apache Tomcat software package. Patching versions included.

Learn More

Blog | Feb 25, 2020

Why your Customer Service needs Chatbot Security

Chatbot security is important as customer service uses more sophisticated artificial intelligence (AI) tools to collect personal data.

Learn More

Blog | Feb 19, 2020

KBOT Virus

This threat report gives information about the KBOT virus that injects into executable files and core Windows processes. Includes steps to prevent infection.

Learn More

Blog | Feb 18, 2020

What you need to know about the New NIST Privacy Framework

Learn about the new NIST Privacy Framework and how organizations can use it to manage risks in compliance with consumer privacy legislation and regulation.

Learn More

Blog | Feb 16, 2020

Updates on North Korea's HIDDEN COBRA

This report shows the latest updates on HIDDEN COBRA malware toolsets including ARTFULPIE, CROWDEDFLOUNDER, HOTCROISSANT, HOPLIGHT, and SLICKSHOES.

Learn More

Blog | Feb 10, 2020

CDPwn: Five Cisco Vulnerabilities

This threat report is about CDPwn, the collective name for five major Cisco vulnerabilities affecting a multitude of the company's products.

Learn More

Blog | Feb 6, 2020

NOTROBIN Malware Exploiting Citrix CVE-2019-19781

This Threat Report explains the backdoor trojan NOTROBIN malware that exploits the Citrix CVE-2019-19781 vulnerability and offers recommended remediation.

Learn More

Threat Report | Feb 3, 2020

Ragnorak and Eternal Blue Exploit CVE-2019-19781

This report is about a ransomware campaign that utilizes Ragnorak and Eternal blue to exploit the heavily reported vulnerability CVE-2019-19781.

Learn More

Blog | Jan 29, 2020

5 Steps to Recovering from a failed PCI ROC

Failing a PCI ROC doesn’t mean the end of your ability to do business. Our PCI QSAs provides five steps to recovering from a failed ROC.

Learn More

Blog | Jan 21, 2020

The ABCs of CVE-2020-0601

In this article, we will discuss what you need to know about CVE-2020-0601 and the Windows Crypt32.dll vulnerability.

Learn More

Blog | Jan 20, 2020

3 ways to optimize your existing Cybersecurity Investment

Learn how optimizing your current cybersecurity investment pays better dividends than spending on additional tools and helps to protect against cybercrime.

Learn More

Blog | Jan 16, 2020

Citrix CVE-2019-19781: The Facts

What you need to know about the Citrix vulnerability CVE-2019-19781 if your environment is affected and the mitigation steps to take.

Learn More

Blog | Jan 15, 2020

Using Deception Against Pass-the-Hash Attacks

Learn how to use deception against pass-the-hash attacks to subtly guide even experienced attackers away from data and where you want them to go.

Learn More

Blog | Jan 9, 2020

Deception in Cyber Defense in Layman's Terms

This is an introduction to the use of deception as a defensive mechanism in cybersecurity. It includes the use of honey pots in cyber defense.

Learn More

Blog | Jan 8, 2020

Dealing with a Discovered Vulnerability

The active threat landscape means that dealing with a discovered vulnerability may move to the top of your to-do list this year. Learn what to do.

Learn More

Blog | Jan 7, 2020

Operation Wocao CVE-2020-0601

Operation Wocao, CVE-2020-0601 and how to prevent an attack from compromising networks, administrative user accounts and loss of sensitive data.

Learn More

Blog | Jan 6, 2020

Enterprise Grade Malware JsOutProx

An overview of the enterprise-grade malware dubbed JsOutProx which targets Windows.

Learn More

Blog | Dec 31, 2019

Cybersecurity Begins in the C-Suite

Placing all the burden of cybersecurity program decisions entirely on IT can cause paralysis. Explore why the experts contend cybersecurity begins in the C-suite.

Learn More

Blog | Dec 30, 2019

New Larazus Group Dacls Malware targets Linux, Windows Devices

Lazarus Group's Dacls malware is the first RAT from the group to target Linux devices along with Windows systems. This report outlines the threat and pointers on how to protect against it.

Learn More

Blog | Dec 18, 2019

Ransomware Zeppelin targets North American Healthcare, Managed Service Providers

How is the latest ransomware Zeppelin targeting healthcare, managed service providers, and other technology companies, and what to do to protect your organization?

Learn More

Threat Report | Dec 5, 2019

Dexphot Polymorphic Malware

Report on Dexphot polymorphic malware whose campaign is to crytomine but deploys a sophisticated approach that makes detection and deploying countermeasures difficult.

Learn More

News & Resources

Flash Notice - Wormable Security Vulnerability Found in Several HP Printer Models

Everything you need to know about HITRUST - r2, bC, & i1 Assessments

Law Enforcement Cracks Down, Threat Actors Disappear & Re-Emerge

RaaS gangs, Drive-By Downloads, and Botnets - Are You a Target?

Vishing vs. Smishing- Stay Educated on the Latest Cyber Attacks

Flash Notice - Windows Zero-Day 'InstallerFileTakeOver' Vulnerability Allows Unauthorized Users to Become an Admin

Flash Notice - APT Group Exploits FatPipe Zero-Day Vulnerability for 6 Months

Flash Notice - Emotet Botnet is Back with New Spam Campaigns

Flash Notice - BotenaGo Botnet Could Affect Millions of Routers & IoT Devices

Everything You Need to Know About HIVE Ransomware

Creating a Business-First Incident Response Plan

TIR-20211004 An In-Depth Look at Ransomware Gang, Conti

Stay Vigilant With Cybersecurity During the Holidays

Flash Notice - Philips TASY EMR Vulnerabilities Could Cause Patient Data Breach

Avertium Joins the Microsoft Intelligent Security Association

The Resurgence of Russian Threat Actor, NOBELIUM

The Top 5 Cyber Threats in the Healthcare Industry

CIOReview Awards Avertium – Security You Can Trust

Cyber Insurance - Is Advanced Protection Worth it?

TIR-20211011 DDoS Attacks & The Meris Botnet

American Hospital Association + Avertium Emphasize the Growing Need for Cybersecurity in Healthcare

Third-Party Supply Chain Risk - Valuable Partners or Potential Threats?

Flash Notice - Apache Fixes Zero-Day Vulnerability on Airflow Servers

How to Raise Your Healthcare Organization’s Game to Combat Cybercriminals

TIR – 20210920 T-Mobile and BlackBerry - Why Waiting to Inform May Cost You

Avertium Named to MSSP Alert’s Top 250 MSSPs List for 2021

Flash Notice - Critical VMware vCenter Server Flaw

Flash Notice - Microsoft Azure OMIGOD Vulnerability

Why the Time is Now for CISOs to Advocate for Cybersecurity

T-Mobile Data Breach Review: 40 Million Customers Compromised

Appgate: Practical Steps to Deploying Zero Trust Network Access

Scaling Remediation in the Face of Competing Priorities

Remote Workforce + Data Breach: A Perfect Storm

Appgate: When “Trust but Verify” isn’t enough.

New Techniques to Strengthening Threat Detection and Response

Key Shifts in Identity Management and Governance

Zero Trust: Fast-Tracking Security in the New Work Anywhere Norm

Rising Ransomware Attacks, the Advent of XDR, & What it Means for the Future of Threat Detection and Response

Securing Remote Workers; Fact & Fiction

How to Implement a Risk-Based Strategy for "Killer" Threat Hunting Programs

Everything You Need to Know to Create An Effective Incident Response Plan

Strengthening Cybersecurity with Consensus: How to Build Positive Board Relationships

8 Steps to Take if You've Been Breached

5 Ways to Prevent Ransomware

6 Steps to Implementing a Zero Trust Network

Security Operations Maturity Model (SOMM)

7 Metrics to Measure the Effectiveness of Your Security Operations

Budgeting for a Modern SIEM

Essential Guide to HIPAA Compliance

HIPAA Privacy During a COVID-19 Outbreak Re-Occurrence

HIPAA Compliance in a Pandemic

9 Steps to Manage Third-Party Information Security Risk

The Risky Business of SaaS + Hybrid Cloud and What to do about it

4 Trending Phishing Techniques and Tips for Detection

Guide to Selecting an MSSP or In-house Solution

Threat-Based Security at the Intersection of MITRE ATT&CK and NIST CSF

Building an XDR Solution: Factors You Ought to Consider for ZTNA, EDR, Vulnerability Scanning and SIEM

XDR is Not Only About Technology and Why this Matters

Navigating Cybersecurity & Managing Data Breach Risks

Mitigating Remote Work-Related Threats

5 Essential Steps to Creating a Relevant Incident Response Plan

The Ultimate Incident Response Plan Checklist

Ransomware Trends in 2021

Leveraging Zero Trust Architecture to Contain & Combat Ransomware

TIR-20210913 TEAMTNT – “CHIMAERA” CRYPTOMINING MALWARE CAMPAIGN TARGETS SERVERS

An In-Depth Look at Ransomware Gangs, LockFile and LockBit 2.0

Flash Notice – Microsoft Issues Warning for Remote Code Execution Vulnerability

Threat Actor Profile – “BlackMatter”

Beware of Clever Email Phishing Campaigns

Flash Notice – The PrintNightmare Continues

XDR: Tech Stack, Service, Process, or All Three?

Microsoft Exchange Server Breach is Formally Attributed to China by the U.S

President Biden’s Executive Order on Cybersecurity: What it does & What it doesn’t do

A Zero Trust Network Architecture (ZTNA) POV with Appgate

July 4th Post Mortem on PrintNightmare and REvil

Flash Notice: SonicWall Warns of Imminent Ransomware Attack Against EOL Products

Summary of the International Institute for Strategic Studies’ Nation-State Cyber Power Assessment

CobaltStrike Overview

PrintNightmare – Unpatched remote code execution vulnerability in default windows print spooler service

How can you leverage your SIEM as part of your Zero Trust strategy?