Avertium Resources | Managed Security Services & Consulting Provider

Webinar | May 18, 2022

Flash Notice: [CVE-2022-1388] Critical Remote Code Execution Vulnerability Found in F5's BIG-IP Systems

A critical vulnerability (CVE-2022-1388) was found in F5’s BIG-IP systems last week and is now being exploited in the wild.

Learn More

Threat Report | May 3, 2022

Ragnar Locker Ransomware: Everything You Need To Know (Attacks & Analysis)

Initially discovered in April 2020, Ragnar Locker is both ransomware and a ransomware gang, and they've on the FBI’s radar ever since.

Learn More

News | May 2, 2022

How is the U.S. government preparing for critical infrastructure attacks?

Help Net Security – In this video, Paul Caiazzo, Advisor at Avertium, talks about critical infrastructure attacks, their potential impact, and what the U.S. government is doing to prepare for them.

Learn More

Blog | Apr 28, 2022

Flash Notice: Critical RCE Vulnerability Found in VMware Workspace ONE Access & Identity Manager

Threat actors are currently exploiting an RCE vulnerability due to a server-side template injection in VMware Workspace ONE Access and Identity Manager.

Learn More

Threat Report | Apr 26, 2022

An In-Depth Look at Data Extortion Group, Lapsus$

In March, Lapsus$ breached Globant and then breached T-Mobile in April, stealing the company’s source code. Let’s take a look at the their tactics.

Learn More

Threat Report | Apr 19, 2022

Russia vs. Ukraine Part Two

As the world continues to watch the physical war between Russia vs. Ukraine, cybersecurity professionals are watching the cyber war between the two.

Learn More

Blog | Apr 14, 2022

What's Quantum Computing Got to do With It?

Today, we still hear about quantum computing + how it will break the current encryption methods on which we depend to secure and store data. To understand this threat, we need to understand how our current methods work.

Learn More

Threat Report | Apr 13, 2022

An In-Depth Look at Iranian APT "MuddyWater"

Iranian APT MuddyWater is known for cyber espionage, as well as other cyber criminal operations as part of Iran’s Ministry of Intelligence and Security.

Learn More

Threat Report | Apr 5, 2022

An In-Depth Look at Pandora Ransomware

In March 2022, it was discovered that the Pandora ransomware group was targeting high-profile victims on their leak site.

Learn More

Blog | Apr 1, 2022

Flash Notice: [CVE-2022-22965] Critical Zero-Day RCE Vulnerability Found in VMware's Spring Framework

On Tuesday, March 29, 2022, A zero-day remote code execution (RCE) vulnerability (CVE-2022-22965) was found in VMware’s Spring Framework.

Learn More

Blog | Mar 31, 2022

How to Detect Ransomware: Best Practices for Avoiding Malware Attacks

The best defense against ransomware is by understanding how ransomware works and how to effectively use mechanisms that detect it early.

Learn More

Blog | Mar 29, 2022

Flash Notice: [CVE-2022-1096] Zero-Day Google Chrome Type Confusion Vulnerability

3/23/22 - Google was alerted about a dangerous zero-day vulnerability found in all Chromium based browsers. It's being tracked as CVE-2022-1096.

Learn More

Threat Report | Mar 29, 2022

Remain Vigilant: Log4Shell Still Being Exploited

Although conversation regarding Log4Shell has diminished, the exploit is still an issue for organizations and remains a permanent threat.

Learn More

Ebook | Mar 23, 2022

2022 Ransomware Trends

Learn More

Blog | Mar 23, 2022

Flash Notice: Authentication Company, Okta, Breached by Lapsus$

Okta Inc., an authentication company used globally, is at the center of a potential data breach caused by the data extortion group, Lapsus$.

Learn More

Whitepaper | Mar 23, 2022

How to Raise Your Healthcare Organization’s Game to Combat Cybercriminals

The American Hospital Association teamed up with Avertium in order to cultivate expert-based knowledge that could help you prevent an attack on your hospital.

Threat Report | Mar 22, 2022

An In-depth Look at Conti's Leaked Log Chats

At the end of February 2022, internal chats from the ransomware gang, Conti, were leaked by a Ukrainian security researcher and published on Twitter.

Learn More

Blog | Mar 18, 2022

Not all Penetration Tests are Created Equal: Tools for Effective Pen Testing

Choosing a penetration test provider does not have to be a difficult process. Here is what you need to know about effective tools for pen testing and more.

Learn More

Blog | Mar 17, 2022

Flash Notice: The Cyber War Continues - CaddyWiper vs RURansom

As the war between Russia and Ukraine continues, CaddyWiper and RURansom take center stage in cyber space.

Learn More

Blog | Mar 16, 2022

Flash Notice: Russian State-Sponsored Threat Actors Bypass Two-Factor Authentication Implementation, Gain Access to Cloud Storage Services

The FBI & CISA issued a statement this week warning companies that Russian state-sponsored threat actors gained access to an unnamed organization’s network

Learn More

Threat Report | Mar 16, 2022

An In-depth Look at the Kraken Botnet

The recently discovered Kraken botnet is under active development and is stealing data from Windows hosts.

Learn More

Threat Report | Mar 9, 2022

"Bronze Mohawk" & Cyber Espionage

Bronze Mohawk (aka APT40) has been active since 2009. Today, they are laying low, but a recent discovery may link the the group to recent malware attacks.

Learn More

Ebook | Mar 4, 2022

2022 Cybersecurity Predictions

Find out Avertium's predictions for the cybersecurity industry in 2022, and get the tools and resources you need to be prepared.

Learn More

Blog | Mar 1, 2022

Flash Notice: HermeticWizard, HermeticRansom, and IsaacWiper Target Ukraine

This week, ESET researchers discovered three new cyber attacks against Ukraine: HermeticWizard, HermeticRansom, and IsaacWiper.

Learn More

Threat Report | Mar 1, 2022

Roaming Mantis, an Evolving Phishing Campaign

Roaming Mantis was first introduced in March 2018 and what started off as a banking trojan, has quickly evolved into much more.

Learn More

News | Feb 25, 2022

How to Prevent a Cyber Attack

WATE (ABC) News – A round of cyber attacks happened hours before Russia invaded Ukraine. Jeff Schmidt, CEO of Avertium, shares how you can bulk up your cybersecurity.

Learn More

News | Feb 25, 2022

Federal Agencies Warn of Cyber Threats After Russia Sanctions

WBIR-TV Knoxville – Avertium's insight on President Biden's "shields up" message.

Learn More

News | Feb 24, 2022

Fears Rise of Potential Russian Cyberattacks on US, Allies Over Sanctions

DarkReading – If past is precedent, the cyber impact of the war in Ukraine could be broad and bruising, experts say.

Learn More

Blog | Feb 24, 2022

The Art & Science of Threat Hunting – A Guide to Preventing Cyber Attacks

While threat detection focuses on identifying evidence of an attack such as correlated events or signature-based detection, threat hunting takes a more proactive approach to cybersecurity.

Learn More

Blog | Feb 24, 2022

Flash Notice: [New Malware] - CISA Warns of Renewed Russian Threat as New Activity is Seen in Ukraine

Tension between Russia and Ukraine is at an all-time high. While there are currently no credible threats to the U.S., there is still imminent possibility.

Learn More

Blog | Feb 22, 2022

Flash Notice: [CVE-2021-24086] Critical RCE Bug in Adobe Commerce, Magento

On February 18, 2022, Adobe released a patch for CVE-2021-24086 that fixes an RCE bug in the Magento Open Source and Adobe Commerce platforms.

Learn More

Threat Report | Feb 22, 2022

Super Bowl Weekend: BlackByte & Coinbase Were the Real Stars of the Show

While most of America was being entertained by the Super Bowl, a BlackByte ransomware attack + one more incident took place, & both flew under the radar.

Learn More

Blog | Feb 15, 2022

Flash Notice: Moxa MXview Network Management Software has Critical Security Flaws

On February 14, 2022, researchers from Claroty’s Team82 disclosed several security flaws in the Moxa MXview web-based network management system.

Learn More

Threat Report | Feb 15, 2022

BlackCat Ransomware & Triple Extortion (Analysis & Tactics)

Learn everything you need to know about BlackCat ransomware and how they fit into our current threat intelligence landscape.

Learn More

News | Feb 14, 2022

Avertium Recognized on CRN's Top 100 Managed Security Provider for Sixth Consecutive Year

Avertium has been named to the Security 100 list for the sixth consecutive year, ranking among cybersecurity premium Managed Security leaders.

Learn More

Threat Report | Feb 9, 2022

Everything You Need to Know About Night Sky Ransomware

A group of unknown threat actors have been using Night Sky ransomware to exploit vulnerabilities in Log4j2. Let’s look at why this has become a challenge.

Learn More

Blog | Feb 9, 2022

Flash Notice: LockBit 2.0 - FBI Releases New IoCs for Ransomware Attacks

On Friday, February 4, 2022, the FBI released technical details and new indicators of compromise associated with LockBit 2.0.

Learn More

Threat Report | Feb 1, 2022

How WhisperGate Affects the U.S. and Ukraine

Let’s take a look at WhisperGate, why it’s become a major concern for the Ukrainian government, and how these cyberattacks could spill over into the U.S.

Learn More

Ebook | Jan 27, 2022

Looking Back & Moving Forward: An Overview of 2021 Cybersecurity Events & Predictions for 2022

Recall major attacks, trends, and innovations in the cybersecurity industry over 2021, and find out Avertium's predictions for the industry in 2022.

Learn More

Blog | Jan 26, 2022

Flash Notice: “PwnKit”: Linux PolicyKit Security Vulnerability Discovered in Polkit’s Pkexec, Hiding in Plain Sight for 12 years

A memory corruption vulnerability was discovered in Polkit’s pkexec. CVE-2021-4034, aka PwnKit, could allow unprivileged users to gain root privileges by exploiting it in its default configuration.

Learn More

Blog | Jan 26, 2022

Flash Notice: Threat Actors Target SonicWall RCE Vulnerability (CVE-2021-20038)

New exploits of a critical vulnerability (CVE-2021-20038) affecting SonicWall's Secure Mobile Access (SMA) gateway was discovered yesterday.

Learn More

Threat Report | Jan 25, 2022

Introducing Norton 360 and Avira's Built-In Cryptocurrency Miners

Norton 360 and Avira step outside their comfort zone and begin to offer their customers cryptocurrency mining services via their antivirus software.

Learn More

News | Jan 20, 2022

Avertium named 2021 LogRhythm Managed Services Partner of the Year

Avertium has been named “Managed Services Partner of the Year” by LogRhythm as part of LogRhythm’s annual Partner Program awards.

Learn More

Blog | Jan 19, 2022

Understanding Cybersecurity Best Practices

The following basic cybersecurity best practices could help keep your organization from becoming the next big headline.

Learn More

Blog | Jan 18, 2022

Flash Notice: Microsoft Warns - Ukrainian Organizations Targeted by Destructive Malware Disguised as Ransomware

Microsoft published a report detailing their discovery of malware disguised as ransomware being used to corrupt systems of several Ukrainian organizations.

Learn More

Threat Report | Jan 11, 2022

An In-Depth Look at Ransomware Gang, Sabbath

The ransomware gang, Sabbath, has flown under the radar for over a year but recently made headlines because of their unique attack method.

Learn More

Threat Report | Jan 6, 2022

Log4Shell Post-Mortem and What We Learned About Open-Source Security

Attackers have been exploiting Log4Shell since the news broke and will likely continue to do so. What does Log4Shell teach us about what's to come in 2022?

Learn More

Blog | Jan 3, 2022

Flash Notice: Y2K22? Microsoft Exchange Server Breaks as we Welcome the New Year

As the clock struck midnight on 1/1/2022, Microsoft had an unexpected hiccup with its Exchange servers, which meant the servers couldn't process mail.

Learn More

News | Dec 30, 2021

Avertium's Paul Caiazzo Featured at the 2021 Channel Partners Conference & Expo

This year's Channel Partners Conference featured a variety of experts in the fields of technology and cybersecurity including Avertium's own Paul Caiazzo.

Learn More

Threat Report | Dec 17, 2021

End of Year Recap for 2021

We saw some of the most deviant cyber attacks in 2021 cause chaos for organizations across the globe. Discover this year's most talked about cyber attacks.

Learn More

Blog | Dec 13, 2021

Flash Notice: (UPDATED) Zero-Day Vulnerability - Log4Shell is a Critical Threat to Applications

Security teams are in a hurry to patch an unknown active vulnerability that was found in Apache’s Log4j and is now named Log4Shell ((CVE-2021-44228).

Learn More

Blog | Dec 10, 2021

UPDATE: APT Group Continues to Exploit Multiple Zoho ManageEngine Vulnerabilities

Due to an unsuccessful patch in Zoho ManageEngine ServiceDesk Plus in September 2021, several undisclosed organizations have been compromised by APT Group

Learn More

Blog | Dec 7, 2021

Flash Notice: APT Group Continues to Exploit Zoho ManageEngine ServiceDesk Plus Vulnerability

Due to an unsuccessful patch in Zoho ManageEngine ServiceDesk Plus in September 2021, several undisclosed organizations have been compromised by APT Group

Learn More

Threat Report | Dec 7, 2021

An In-Depth Look at Yanluowang Ransomware

United States organizations within the financial sector are currently being attacked by a recently discovered ransomware operation named, Yanluowang.

Learn More

Blog | Dec 2, 2021

Flash Notice - Wormable Security Vulnerability Found in Several HP Printer Models

Cyber security researchers have discovered two vulnerabilities, now named Printing Shellz, that affect 150 different HP multifunction printers.

Learn More

Blog | Dec 1, 2021

Everything you need to know about HITRUST - r2, bC, & i1 Assessments

This blog provides a HITRUST assessment overview and answers your HITRUST certification questions including 'What is HITRUST?' and how to become certified.

Learn More

Threat Report | Dec 1, 2021

Law Enforcement Cracks Down, Threat Actors Disappear & Re-Emerge

The FBI has recently started to crack down on RaaS gangs. Now threat actors are going off the grid, then re-emerging months or years later.

Learn More

Blog | Nov 30, 2021

RaaS gangs, Drive-By Downloads, and Botnets - Are You a Target?

Don't fall behind on RaaS gang trends - find out more about drive-by downloads, botnets, and what they could mean for your IT environment.

Learn More

Threat Report | Nov 29, 2021

Vishing vs. Smishing- Stay Educated on the Latest Cyber Attacks

Unfortunately, vishing and smishing attacks happen to people every day. Let’s take a look at the differences between vishing and smishing attacks.

Learn More

Blog | Nov 29, 2021

Flash Notice - Windows Zero-Day 'InstallerFileTakeOver' Vulnerability Allows Unauthorized Users to Become an Admin

During Patch Tuesday, Microsoft fixed a zero-day Windows vulnerability. However, the patch was bypassed and led to a new privilege elevation vulnerability named ‘InstallerFileTakeOver’.

Learn More

Blog | Nov 19, 2021

Flash Notice - APT Group Exploits FatPipe Zero-Day Vulnerability for 6 Months

The FBI issued a notice yesterday warning that APT has been exploiting a zero-day vulnerability in FatPipe’s router clustering and load balancer products.

Learn More

Blog | Nov 19, 2021

Flash Notice - Emotet Botnet is Back with New Spam Campaigns

Last seen in January 2021, after law enforcement took them down, Emotet is back & is using TrickBot to install Emotet malware on infected Windows systems.

Learn More

Blog | Nov 17, 2021

Flash Notice - BotenaGo Botnet Could Affect Millions of Routers & IoT Devices

A new botnet named BotenaGo has been seen in the wild targeting a number of IoT devices & routers. BotenaGo can exploit up to 30 different vulnerabilities.

Learn More

Threat Report | Nov 16, 2021

HIVE Ransomware: Everything You Need To Know (Attacks & Analysis)

Hive has a variety of techniques and tactics that are challenging for cyber security professionals to defend and mitigate. Learn more.

Learn More

Ebook | Nov 15, 2021

Creating a Business-First Incident Response Plan

Breaches are no longer a simple ransom to be paid. The ripple effect that follows an attack can leave a long-lasting impact if your company is not prepared.

Learn More

Threat Report | Nov 11, 2021

TIR-20211004 An In-Depth Look at Ransomware Gang, Conti

A Russian-speaking RaaS organization, Conti uses RaaS to deploy disruptive ransomware attacks that target critical infrastructures.

Learn More

Threat Report | Nov 10, 2021

Stay Vigilant With Cybersecurity During the Holidays

Experts warn to stay vigilant with cybersecurity during the holidays, as there will be no shortage of attacks during the 2021/2022 holiday season.

Learn More

Blog | Nov 9, 2021

Flash Notice - Philips TASY EMR Vulnerabilities Could Cause Patient Data Breach

On November 5, 2021, Philips advised their customers of two security vulnerabilities that may cause a patient data breach in their TASY EMR HTML5 system.

Learn More

Blog | Nov 4, 2021

Avertium Joins the Microsoft Intelligent Security Association

Avertium, a cybersecurity services partner, joins the Microsoft Intelligent Security Association (MISA).

Learn More

Threat Report | Nov 3, 2021

The Resurgence of Russian Threat Actor, NOBELIUM

Recently, NOBELIUM has been seen making their rounds again, but this time their focus has shifted to software and cloud service resellers.

Learn More

Threat Report | Oct 29, 2021

The Top 5 Cyber Threats in the Healthcare Industry

The healthcare sector should be the last industry cyber criminals attack, but no exceptions are made when threat actors are looking to make money.

Learn More

Blog | Oct 26, 2021

CIOReview Awards Avertium – Security You Can Trust

CIOReview awards Avertium as 2021's " Most Promising Enterprise Security Solution Providers".

Learn More

Blog | Oct 22, 2021

Cyber Insurance - Is Advanced Protection Worth it?

Learn more about cyber insurance by understanding what it provides, how to pick a plan, and how it could save your organization in case of a breach.

Learn More

Threat Report | Oct 12, 2021

TIR-20211011 DDoS Attacks & The Meris Botnet

A DDoS attack is a disruption to internet-based services that can make any internet connected machine unavailable to perform its intended purpose.

Learn More

Blog | Oct 8, 2021

American Hospital Association + Avertium Emphasize the Growing Need for Cybersecurity in Healthcare

Avertium worked with LogRythm and the American Hospital Association to create an eBook meant for healthcare and its ever-growing need for cybersecurity.

Learn More

Blog | Oct 7, 2021

Third-Party Supply Chain Risk - Valuable Partners or Potential Threats?

Your organization's supply chain could serve as an entry point for threat actors. Learn how to manage potential threats that may arise from your vendors.

Learn More

Blog | Oct 6, 2021

Flash Notice - Apache Fixes Zero-Day Vulnerability on Airflow Servers

Researchers from Intezer published details about two Apache Airflow Server vulnerabilities that are being tracked as CVE-2021-41773.

Learn More

Whitepaper | Oct 5, 2021

How to Raise Your Healthcare Organization’s Game to Combat Cybercriminals

The American Hospital Association teamed up with Avertium in order to cultivate expert-based knowledge that could help you prevent an attack on your hospital.

News | Sep 30, 2021

Avertium’s Paul Caiazzo Named “CISO of the Year” in 2021 CyberSecurity Breakthrough Awards Program

Chief Information Security Officer, Paul Caiazzo, has been named “CISO of the Year” in the fifth annual CyberSecurity Breakthrough Awards program.

Learn More

News | Sep 29, 2021

Avertium and Black Kite Announce Strategic Partnership in New Approach to Attack Surface Monitoring

Avertium announces a joint partnership through Black Kite’s Aviator Partner Program to provide a comprehensive approach to attack surface monitoring and supply chain cyber security risk.

Learn More

Threat Report | Sep 28, 2021

TIR – 20210920 T-Mobile and BlackBerry - Why Waiting to Inform May Cost You

Both T-Mobile and BlackBerry faced scrutiny after they failed to promptly inform customers of software vulnerabilities that affected millions of people.

Learn More

Blog | Sep 27, 2021

Avertium Named to MSSP Alert’s Top 250 MSSPs List for 2021

The list identifies the top MSSPs, managed detection and response (MDR) and Security Operations Center as a Service (SOCaaS) providers worldwide.

Learn More

Blog | Sep 24, 2021

Flash Notice - Critical VMware vCenter Server Flaw

VMware released a statement detailing how Internet-exposed vCenter servers are actively being targeted by attackers.

Learn More

Blog | Sep 23, 2021

Flash Notice - Microsoft Azure OMIGOD Vulnerability

The researchers at Cloud security company, Wiz, disclosed a new vulnerability, OMIGOD, that affects Microsoft Azure.

Learn More

Ebook | Sep 21, 2021

Why the Time is Now for CISOs to Advocate for Cybersecurity

In this current moment of data breaches...CISOs have an opportunity to position cybersecurity investment as the path to innovation - not a blocker.

Learn More

Blog | Sep 20, 2021

T-Mobile Data Breach Review: 40 Million Customers Compromised

On August 17th, 2021, a ransomware attack caused a T-Mobile data breach, compromising over 40 million people’s PII. Here's what you need to know.

Learn More

Webinar | Sep 15, 2021

Appgate: Practical Steps to Deploying Zero Trust Network Access

Learn about Zero Trust Network access fundamentals, the benefits of ZTNA, and the challenges you might encounter as you make the shift to a ZTN model. Part 2 of a 3-part series.

Watch Now

Webinar | Sep 15, 2021

Scaling Remediation in the Face of Competing Priorities

Learn how you can leverage NIST CSF to scale a vulnerability management program and accelerate your remediation efforts.

Watch Now

Webinar | Sep 15, 2021

Remote Workforce + Data Breach: A Perfect Storm

With companies having to quickly pivot to a remote workforce, it's important to adapt your incident response (IR) plan, data privacy procedures, and more.

Watch Now

Webinar | Sep 15, 2021

Appgate: When “Trust but Verify” isn’t enough.

Learn about Zero Trust Network access fundamentals, the benefits of ZTNA, and the challenges you might encounter as you make the shift to a ZTN model.

Watch Now

Webinar | Sep 15, 2021

New Techniques to Strengthening Threat Detection and Response

Learn about the role of a SIEM in a ZTNA approach to cybersecurity.

Watch Now

Webinar | Sep 15, 2021

Key Shifts in Identity Management and Governance

Webinar discussing key shifts in identity management and governance - providing adjustments and tools to prepare for getting back to onsite work patterns.

Watch Now

Webinar | Sep 15, 2021

Zero Trust: Fast-Tracking Security in the New Work Anywhere Norm

Recent world events (COVID-19) have fundamentally changed the way organizations enable employees and provide them access to critical applications and data.

Watch Now

Webinar | Sep 15, 2021

Rising Ransomware Attacks, the Advent of XDR, & What it Means for the Future of Threat Detection and Response

Highlighting security challenges (and more) for companies that operate in multi-cloud environments, having a highly interconnected supply chain that must now accommodate a hybrid workforce model.

Watch Now

Webinar | Sep 15, 2021

Securing Remote Workers; Fact & Fiction

Webinar providing tips on how to secure your company network, endpoints and remote workers in a remote working model.

Watch Now

Webinar | Sep 15, 2021

How to Implement a Risk-Based Strategy for "Killer" Threat Hunting Programs

Learn the elements of a threat hunting program, how to utilize NIST CSF and the Enterprise ATT&CK framework, and review recent ransomware case studies.

Watch Now

Ebook | Sep 15, 2021

Everything You Need to Know to Create An Effective Incident Response Plan

Creating an effective response plan specific to your business is the best way to ensure you are ready to mitigate the effect of a cyberattack. Learn how.

Learn More

Guide | Sep 15, 2021

Strengthening Cybersecurity with Consensus: How to Build Positive Board Relationships

For CISOs looking to strengthen their cybersecurity posture, board buy-in is a helpful ally. This free guide details tangible action steps that CISOs can take.

Learn More

Guide | Sep 15, 2021

8 Steps to Take if You've Been Breached

When it comes to a security breach, fast detection, mitigation and response are vital for reducing impact. This guide gives a formal, methodical approach.

Learn More

Infographic | Sep 15, 2021

5 Ways to Prevent Ransomware

Avertium offers five ways for your security team to prevent ransomware.

Learn More

Guide | Sep 15, 2021

6 Steps to Implementing a Zero Trust Network

This guide offers the 6 steps to implementing a zero trust network (ZTN) cybersecurity strategy to protect against cyber threat and improve your program.

Learn More

Whitepaper | Sep 15, 2021

Security Operations Maturity Model (SOMM)

Avertium and LogRhythm explain SIEM pricing models and educate SIEM buyers on how to mitigate security and financial risks associated with business growth.

Ebook | Sep 15, 2021

7 Metrics to Measure the Effectiveness of Your Security Operations

Avertium and LogRhythm explain metrics to measure the effectiveness of your security operations (SecOps) to detect and respond to cybersecurity events.

Learn More

Whitepaper | Sep 15, 2021

Budgeting for a Modern SIEM

Avertium and LogRhythm explain SIEM pricing models and educate SIEM buyers on how to mitigate security and financial risks associated with business growth.

Guide | Sep 15, 2021

Essential Guide to HIPAA Compliance

A complete guide to help you understand HIPAA compliance and the HIPAA Privacy, Security and Breach Notification Rules.

Learn More

Whitepaper | Sep 15, 2021

HIPAA Privacy During a COVID-19 Outbreak Re-Occurrence

Learn how to stay HIPAA compliant with the Privacy Rule and OCR Notifications of Enforcement Discretion during a COVID-19 pandemic outbreak re-occurrence.

Webinar | Sep 15, 2021

HIPAA Compliance in a Pandemic

Join the CEO of Avertium, Jeff Schmidt, for a discussion on the implications the pandemic has and will continue to have on HIPAA compliance.

Watch Now

Ebook | Sep 15, 2021

9 Steps to Manage Third-Party Information Security Risk

9 essential steps to managing third-party vendor risk that every information security professional can adopt for their organization.

Learn More

Whitepaper | Sep 15, 2021

The Risky Business of SaaS + Hybrid Cloud and What to do about it

Securing Your SaaS and Hybrid Cloud Solutions white paper examines opportunities, risks and best practices to integrate cloud into your security posture.

Whitepaper | Sep 15, 2021

4 Trending Phishing Techniques and Tips for Detection

Avertium teams up with LogRhythm to explain trending phishing techniques and gives tips for detecting phishing attacks using SIEM technology.

Whitepaper | Sep 15, 2021

Guide to Selecting an MSSP or In-house Solution

A complete guide to help you decide on whether to manage your SOC in-house or use an MSSP.

Whitepaper | Sep 15, 2021

Threat-Based Security at the Intersection of MITRE ATT&CK and NIST CSF

Examine how to use the NIST CSF in conjunction with MITRE ATT&CK to help define and enact threat-based cybersecurity and break the intrusion kill chain.

Whitepaper | Sep 15, 2021

Building an XDR Solution: Factors You Ought to Consider for ZTNA, EDR, Vulnerability Scanning and SIEM

White paper on building an XDR solution with ZTNA, EDR, vulnerability scanning and SIEM technologies and the factors you should consider for each.

Whitepaper | Sep 15, 2021

XDR is Not Only About Technology and Why this Matters

Learn why XDR is more than technology in order to achieve a proactive and more mature security posture.

Webinar | Sep 15, 2021

Navigating Cybersecurity & Managing Data Breach Risks

Webinar providing tips on how to secure your company network, endpoints and remote workers in a remote working model.

Watch Now

Webinar | Sep 15, 2021

5 Essential Steps to Creating a Relevant Incident Response Plan

Incident response templates are readily available online but how well do they work for your company's specific policies, procedures, and workflows?

Watch Now

Checklist | Sep 15, 2021

The Ultimate Incident Response Plan Checklist

A cybersecurity incident response plan for a data breach takes thoughtful planning. Learn what's needed with this incident response (IR) planning checklist.

Learn More

Ebook | Sep 14, 2021

Leveraging Zero Trust Architecture to Contain & Combat Ransomware

Gain visibility on who's on your network by signing up to download our free eBook discussing how you can contain ransomware utilizing Zero Trust.

Learn More

Threat Report | Sep 14, 2021

TIR-20210913 TEAMTNT – “CHIMAERA” CRYPTOMINING MALWARE CAMPAIGN TARGETS SERVERS

TeamTNT released a new campaign known as "Chimaera" meant to cryptomine malware and is actively targeting several operating systems and applications.

Learn More

Blog | Sep 9, 2021

Lockbit 2.0 Ransomware: An In-Depth Look At Lockfile & LockBit

Emerging in July 2021, LockFile has compromised over 300 servers in an ongoing ransomware campaign. Learn more!

Learn More

Blog | Sep 9, 2021

Flash Notice – Microsoft Issues Warning for Remote Code Execution Vulnerability

A statement has been released by Microsoft warning users of a remote code execution vulnerability in Office 365 and Office 2019 on Windows 10.

Learn More

Blog | Aug 24, 2021

Threat Actor Profile – “BlackMatter” Ransomware

BlackMatter began making its presence known as a ransomware-as-a-service (RaaS) gang in 2021. Read more for indicators of compromise and our recommendations.

Learn More

Blog | Aug 18, 2021

Beware of Clever Email Phishing Campaigns

Phishing campaigns are a tried-and-true method for retrieving data, but certain email campaigns can be difficult to filter.

Learn More

Blog | Aug 13, 2021

Flash Notice – The PrintNightmare Continues

These disappointing developments coincide with reports of ransomware groups exploiting the PrintNightmare family of vulnerabilities in the wild.

Learn More

Blog | Aug 10, 2021

XDR: Tech Stack, Service, Process, or All Three?

What is eXtended Detection Response (XDR)? Is it a process, a tech stack, or a service? How does it differ from MDR and EDR?

Learn More

Blog | Aug 3, 2021

Microsoft Exchange Server Breach is Formally Attributed to China by the U.S

The extensive breach of Microsoft Exchange Server early this year has been formally attributed to China by the United States & several allies.

Learn More

Blog | Aug 3, 2021

President Biden’s Executive Order on Cybersecurity: What it does & What it doesn’t do

The growing need for cybersecurity has brought onto a new executive order. Read more to learn about what this means and where it falls short.

Learn More

Blog | Jul 28, 2021

A Zero Trust Network Architecture (ZTNA) POV with Appgate

As Zero Trust becomes more relevant, Appgate x Avertium leads the way in accelerating the customer's Zero Trust journey.

Learn More

Blog | Jul 22, 2021

July 4th Post Mortem on PrintNightmare and REvil

The latest noteworthy exploit leveraged a vulnerability in Microsoft’s Print Spooler Service to target IT Solutions company, Kaseya.

Learn More

Blog | Jul 16, 2021

Flash Notice: SonicWall Warns of Imminent Ransomware Attack Against EOL Products

SonicWall has released an urgent security bulletin to their customers using unpatched, end-of-life Secure Mobile Access 100 series and Secure Remote Access products.

Learn More

Blog | Jul 7, 2021

Summary of the International Institute for Strategic Studies’ Nation-State Cyber Power Assessment

A recent study, conducted by the International Institute for Strategic Studies, assessed the cyber power of 15 different nation-states.

Learn More

Blog | Jul 1, 2021

CobaltStrike Overview

This report is about the use of the well-known tool CobaltStrike in adversarial campaigns, CobaltStrike dates all the way back to 2016.

Learn More

Threat Report | Jul 1, 2021

PrintNightmare – Unpatched remote code execution vulnerability in default windows print spooler service

The PrintNightmare scenario continues to unfold as security researchers around the globe work to better understand how to detect and mitigate this critical vulnerability.

Learn More

Blog | Jun 28, 2021

Attack Surface Management vs. Vulnerability Management

Today's attack surface management extends beyond your physical IT assets, now encompassing your entire digital footprint, and vulnerability management focus on software and code-based variabilities.

Learn More

Blog | Jun 25, 2021

Flash Notice: Avertium Detects Increase in “Stolen Images” Phishing Campaign

Avertium security teams have detected an uptick in “Stolen Images” phishing emails. This campaign accuses the email recipient of using...

Learn More

Blog | Jun 23, 2021

APT38 Threat Actor Profile

We dive into the threat actor profile on APT38. APT38 is a nation-state-level threat group associated with the North Korean regime. Read more on its tactics.

Learn More

Blog | Jun 15, 2021

REvil Ransomware Overview

This is a Threat Actor Profile on REvil, a RaaS syndicate. Most recently, the REvil ransomware group was connected to the attack on the JBS Meat Company.

Learn More

Threat Report | Jun 8, 2021

Cyber Espionage & Data Exfiltration attack results from 3-year old backdoor

This report is an overview of live espionage and data exfiltration resulting from a previously unknown backdoor that flew under the radar for over 3 years.

Learn More

Threat Report | Jun 2, 2021

New NOBELIUM Campaign focuses on phishing

This report is about a new malware campaign by a foreign adversarial nation-state threat actor recently being referred to as NOBELIUM.

Learn More

Blog | May 26, 2021

Flash Notice: VMware discloses critical vCenter server vulnerabilities

On May 25, 2021, VMware released a new critical security advisory, VMSA-2021-0010 (CVE-2021-21985 & CVE-2021-21986), affecting vCenter Server 6.5, 6.7, and 7.0.

Learn More

Blog | May 26, 2021

Examining the relationship between Vulnerability Announcements & the increase in attacks until mitigated

This report discusses the relationship between the time a new vulnerability is announced & the increase in attacks against it until patched.

Learn More

Blog | May 21, 2021

You're Secure - But are Your Vendors? Assessing Third Party Risk

With 3rd Party Risk in Cybersecurity, security teams can focus on more than just what to do AFTER an attack happens - remediation and containment.

Learn More

Blog | May 18, 2021

Malware Campaign utilizes Microsoft Executable MSBuild

This report is about a malware campaign using a well-known Microsoft executable called MSBuild to propagate in a file-less manner.

Learn More

Blog | May 18, 2021

Avertium Named Winner in the Coveted Global InfoSec Awards 2021

Avertium Wins “Next-Gen in Managed Security Service Provider (MSSP)” In 9th Annual Global InfoSec Awards at #RSAC 2021

Learn More

Blog | May 14, 2021

FiveHands Ransomware Overview

This report is an overview of the FiveHands Ransomware variant that successfully attacked an organization (CISA release date May 6, 2021).

Learn More

Blog | May 11, 2021

Avertium, Med Tech Solutions, and LIFARS announces Security Alliance delivering comprehensive, Always-On Cloud Security for Healthcare Organizations

Three-way partnership creates the first solution combining managed cloud services, managed SOC, & incident response for the healthcare industry.

Learn More

Blog | May 10, 2021

Reducing Ransomware Risk in Healthcare

The impacts of the global pandemic have put the healthcare industry at the top of the list for ransomware threats.

Learn More

Blog | May 6, 2021

Overview of the BadAlloc Vulnerabilities

This report is an overview of a series of vulnerabilities discovered by Microsoft’s Section 52 research team, labeled “BadAlloc”.

Learn More

Blog | May 5, 2021

Dell BIOS Driver Privilege Escalation Flaws

Hundreds of millions of Dell Computers (desktops, laptops, notebooks, and tablets), could be vulnerable to a BIOS Driver Privilege Escalation Flaw.

Learn More

Blog | Apr 27, 2021

Exploitation Campaign by two threat actor groups affects pulse secure

The Pulse Secure vulnerability CVE-2021-22893 affects the following software releases: PCS 9.0R3/9.1R1 and higher.

Learn More

Blog | Apr 21, 2021

The Rise of RaaS Gangs + What You Need to Know

As we move into 2021, ransomware attacks continue to rise and are increasingly executed through Ransomware as a Service (RaaS) gangs. Learn more.

Learn More

Threat Report | Apr 20, 2021

Clop Ransomware (TIR-20210419)

This report discusses Clop ransomware; it was discovered in February of 2019 and a recent increase in Clop attacks has been noticed by cybersecurity researchers.

Learn More

Blog | Apr 13, 2021

Phishing Campaign targets the Medical Research community

This report is about a well-known threat targeting the medical research community in both the United States and Israel.

Learn More

Blog | Apr 8, 2021

Does CMMC Immunize You to Ransomware?

Does CMMC immunize you to ransomware? Let's find out and discuss not only the requirement but also some of the perceived benefits of implementing such a framework.

Learn More

Blog | Apr 7, 2021

Two Vulnerabilities affect FireEye EX 3500

This report is about two vulnerabilities affecting FireEye EX 3500. The vulnerabilities are identified as CVE-2021-28970 and CVE-2021-28969.

Learn More

Threat Report | Mar 30, 2021

Overview of the Crypter-as-a-Service: HCrypt

Learn More

Blog | Mar 22, 2021

Zoom Screen-Sharing Vulnerability displays Unauthorized Information

A vulnerability discovered in Zoom may allow users in the meeting to see information on a screen-share that they weren't authorized to view.

Learn More

Threat Report | Mar 15, 2021

Three recently reported Azure LoLBins help attackers evade detection

This report spotlights three recent Azure Living-off-the-land binaries (LoLBins) that could be used by attackers to evade detection.

Learn More

Blog | Mar 11, 2021

Operation Exchange Marauder: Mass exploitation of Microsoft Exchange

On March 2, 2021, Microsoft released a series of emergency security patches for Exchange Server 2019, 2016, 2013, and 2010 in order to combat several vulnerabilities.

Learn More

Blog | Mar 9, 2021

Growing Cybersecurity Company announces Chief Revenue Officer to Support Expansion

Today, Avertium announced the appointment of Ben Masino as the company’s Chief Revenue Officer (CRO).

Learn More

Blog | Mar 8, 2021

DarkSide Ransomware Overview

DarkSide ransomware is a Ransomware-as-a-Service (RaaS), primarily targeting Windows systems with the ability to target Linux OS variants.

Learn More

Blog | Mar 5, 2021

To CMMC & Beyond: What you can do today to prepare for CMMC tomorrow

The Cybersecurity Maturity Model Certification (CMMC) is coming–whether you’re ready or not. Today it’s primarily meant for the Department

Learn More

Threat Report | Mar 1, 2021

Threat Report: New Variant of MassLogger Trojan Malware targets Microsoft Outlook & Google Chrome

This report is about recent malware campaigns utilizing the MassLogger trojan (written in . NET) that is targeting popular applications.

Learn More

Blog | Feb 22, 2021

New Phishing Campaign uses Morse Code to avoid detection

This report is about a new phishing campaign that uses a unique method of obfuscation to avoid detection by traditional security appliances.

Learn More

Blog | Feb 15, 2021

Severe Windows Vulnerabilities impact Windows Client & Server OS Versions 7 and Above

This report is about three high severity Windows TCP/IP vulnerabilities tracked as CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086.

Learn More

Threat Report | Feb 9, 2021

Vovalex Ransomware (TIR-20210207)

Vovalex ransomware is the first ransomware written in D language and the first to be distributed through pirated software that masquerades as legitimate software such as various Windows utilities.

Learn More

Blog | Feb 9, 2021

How can you leverage your SIEM as part of your Zero Trust strategy?

A well-designed SIEM can provide the level of deep visibility required to ensure that the user remains trustworthy throughout the user’s cycle

Learn More

Blog | Feb 3, 2021

Heap-Based Buffer Overflow Vulnerability Discovered in Sudo (TIR-20210131)

This report is regarding a recently discovered heap-based buffer overflow vulnerability within the widely used Sudo utility.

Learn More

Blog | Jan 24, 2021

Recent additions to TeamTNT Malware Campaign on Cloud Environments

This report is about the recent additions to the TeamTNT malware campaign to infect cloud environments and it is updated to capture AWS IAM user details more effectively.

Learn More

Blog | Jan 6, 2021

New Golang Worm targets MySQL, Jenkins, Oracle WebLogic and other public services

Threat report on the new malware Golang Worm which is targeting services such as MySQL, Jenkins, and Oracle WebLogic.

Learn More

Blog | Jan 6, 2021

Zyxel Firewall Backdoor Vulnerability CVE-2020-29583

This outlines the TTP for the Zyxel Firewall backdoor vulnerability CVE-2020-29583. It also provides mitigation recommendations.

Learn More

Threat Report | Dec 28, 2020

Multiple Dell ThinOS Vulnerabilities

This threat report is about the multiple Dell Wyse ThinOS vulnerabilities, the techniques, tactics and procedures and how to remediate them.

Learn More

Blog | Dec 28, 2020

What is Mobile App Testing?

What is Mobile App Testing? Cybersecurity specialists utilize an assortment of tests and techniques to screen for vulnerabilities in order to evaluate the security of a mobile app.

Learn More

Threat Report | Dec 24, 2020

Threat Report: SunBurst Backdoor and Malware Campaign

This report is about the recently disclosed SunBurst backdoor and the related malware campaign.

Learn More

Threat Report | Dec 18, 2020

Threat Report: SolarWinds Orion Compromise Guidance

This report outlines the TTPs of the SolarWinds Orion compromise and recommended steps to identiy and mitigate known exposure.

Learn More

Blog | Nov 16, 2020

PyXie distributing ransomware tools targeting Healthcare, Education, Government and Technology companies

This threat report is about bad actor PyXie Group's ransomware tools targeting various sectors including healthcare, education, government, and technology.

Learn More

Blog | Nov 10, 2020

What you need to know about Telemedicine, HIPAA Compliance and the Pandemic

What you need to know about evolving telemedicine policies and HIPAA compliance during this pandemic.

Learn More

Blog | Nov 3, 2020

Multiple Oracle WebLogic Server Vulnerabilities Remotely Exploitable without Authentication

This threat report is about the Oracle WebLogic Server vulnerabilities and the patches available.

Learn More

Blog | Oct 30, 2020

3 Scary Stories of Data Breach Disasters

3 data breach stories that could happen to any company and that could've been preventable.

Learn More

Threat Report | Oct 30, 2020

Ryuk is Back and Actively Targeting U.S. Healthcare Organizations

Threat actors operating Ruyk are back and targeting U.S. -based hospitals. Here's how you can protect your company against the threat actors.

Learn More

Blog | Oct 27, 2020

TeamTNT Attacks Cloud Environments

TeamTNT attacks cloud environments with Weave Scope. This report describes the tactics, techniques, and procedures used and how to defend against them.

Learn More

Blog | Oct 27, 2020

What Is Security Orchestration, Automation and Response (SOAR)?

Security orchestration, automation, and response (SOAR) automates and accelerates security operations, analytics and reporting.

Learn More

Blog | Oct 22, 2020

We have an MDR...do we still need a SIEM?

Explains what MDR and SIEM are, and how they can work together to provide you with a superior cybersecurity solution.

Learn More

Blog | Oct 20, 2020

Culture of Collaboration: Fanatical Testing and Instrumentation

Culture of Collaboration: Fanatical Testing and Instrumentation. We can use this idea to develop organizational controls and processes to prevent, detect, respond to and recover from cyber-attacks.

Learn More

Blog | Oct 20, 2020

Translating Paper into Trust

Translating Paper into Trust: Edward Vasko explains how collaboration can lead to security controls tailored to minimize their impact on job performance.

Learn More

Blog | Oct 20, 2020

Why (and How) Company Leadership should create a culture of Security Collaboration

The goal is to balance security risks against business objectives and develop sensible controls that reduce the biggest risks with minimal impact on job performance.

Learn More

Blog | Oct 20, 2020

Understanding Personal Data Privacy Compliance Obligations to protect your customers, partners and employees

Due to the many personal data privacy compliance requirements and non-compliance sanctions, organizations should understand regulations.

Learn More

Blog | Oct 19, 2020

SonicWall Vulnerability may allow denial of service attack

This is a threat report about a critical SonicWall vulnerability tracked as CVE-2020-5135 that can allow a Denial of Service attack.

Learn More

Blog | Oct 15, 2020

What Is Extended Detection and Response (XDR) and why is it gaining momentum as a security solution?

Learn what extended detection and response is and how XDR is evolving into the successor to end-point detection and response (EDR) solutions.

Learn More

Blog | Oct 14, 2020

What Is MITRE ATT&CK and how is it being used?

This article answers the question, What is MITRE ATT&CK? and explains ways to use ATT&CK daily to protect your environment against adversarial TTPs.

Learn More

Blog | Oct 13, 2020

Backdoor targets Content Management Systems (CMS)

This report describes the tactics, techniques, and procedures for backdoor malware with shell capability and targets content management systems.

Learn More

Threat Report | Oct 12, 2020

Content Management System malware attack drops Backdoor Shell

This threat report is about a content management system (CMS) malware that attacks using a backdoor with a shell capability.

Learn More

Blog | Oct 11, 2020

Latest Phishing Campaign lures Defense and Aerospace Workers with Fake Job Offers

This report outlines the latest phishing campaign targeting defense and aerospace workers and how to protect against it.

Learn More

Blog | Oct 8, 2020

Threat Focus: What is Ransomware-as-a-Service?

This post answers "What is ransomware-as-a-service?" and explains how the cybersecurity threat is evolving and ways to protect your business.

Learn More

Blog | Oct 7, 2020

Avertium Named to the MSSP Alert Top 250 MSSPs List

Avertium named to MSSP Alert's 2020 Top 250 MSSPs list. This is the second consecutive year that Avertium has been included.

Learn More

Blog | Oct 6, 2020

What every Cybersecurity Pro should understand about Insider Threats

Understand insider threats - both malicious and accidental - since they are prevalent, yet often an avoidable type of cybersecurity threat.

Learn More

Threat Report | Oct 5, 2020

Ryuk Ransomware's Increased Activity Targets Large Organizations Using Windows OS

This report is an overview of the Ryuk ransomware and contains actionable intelligence for understanding and protecting against the malware threat.

Learn More

Blog | Oct 1, 2020

Ransomware Vs. Phishing Vs. Malware (What's The Difference)

Malware, ransomware, and phishing attacks are nothing new to enterprise and small business cybersecurity teams. Learn the basics you need to know.

Learn More

Blog | Sep 29, 2020

What Software Companies looking to develop for the Healthcare Industry need to know

Many software companies looking to develop for the healthcare industry are unaware they must be HIPAA compliant. Learn more.

Learn More

Blog | Sep 28, 2020

Cisco Aironet APs vulnerability risks DoS

This threat report is about a vulnerability recently discovered in Cisco Aironet Access Points (APs) known as CVE-2020-3560.

Learn More

Blog | Sep 24, 2020

Zero Trust Beyond VPN Replacement: Earning the Most Value for Your Investment

Learn about zero-trust network access (ZTNA) beyond VPN replacement and how to realize the most value for your investment.

Learn More

Blog | Sep 23, 2020

Understanding the Difference Between an MSSP and MDR

The decision between MSSP vs. MDR should be based on specific factors. Learn how you can make the right choice for your organization. Read the blog.

Learn More

Blog | Sep 17, 2020

How Multi-Cloud Environments Expand Your Attack Surface and How to Manage and Reduce the Risk

Learn how multi-cloud environments expand your attack surface, best practices to manage and reduce the risk

Learn More

Blog | Sep 16, 2020

Avertium enhances LogRhythm expertise with acquisition of 1440 Security

Sunstone Partners-backed Avertium acquires national MSSP 1440 Security to enhance LogRhythm and advanced threat detection capabilities.

Learn More

Blog | Sep 15, 2020

How to Leverage Your SIEM to Detect and Respond to Ransomware

The key to detecting ransomware is laying the necessary groundwork first. Avertium explores how to leverage SIEM technology to respond to attacks.

Learn More

Blog | Sep 14, 2020

Palo Alto Firewall vulnerabilities discovered and patched

This threat report is about a series of Palo Alto firewall vulnerabilities in the software suite ranging in criticality.

Learn More

Blog | Sep 9, 2020

Why Enterprises are Adding Chief Privacy Officer to C-Level Leadership

Learn why the Chief Privacy Officer is needed for personal data privacy strategic decision making and why the CPO is here to stay.

Learn More

Blog | Sep 8, 2020

Assessing whether you need Virtual CISO (vCISO) Services, and what to expect

Learn if you need virtual CISO (vCISO) services for cybersecurity leadership to improve security and meet regulations and compliance.

Learn More

Threat Report | Sep 8, 2020

Financial Institutions Beware: New PyVil RAT targets you

This threat report is about a new remote access trojan (RAT) called PyVil that targets financial institutions and is by Evilnum.

Learn More

Blog | Sep 3, 2020

The Cybersecurity Talent Shortage: Myth or Truth?

Explore the myths and facts surrounding the cybersecurity talent shortage and what you can do about it with MSSP and consulting.

Learn More

Blog | Sep 1, 2020

Vulnerability Management: Is In-Sourcing or Outsourcing right for you?

Examine the different components of vulnerability management and when and where outsourcing makes sense to your program.

Learn More

Blog | Aug 31, 2020

WooCommerce vulnerabilities in WordPress plugin discovered

This threat report provides actionable intelligence about WooCommerce vulnerabilities discovered in Discount Rules in the WordPress plugin.

Learn More

Blog | Aug 27, 2020

Attributes of a robust Vulnerability Management Program

The attributes of a robust vulnerability management program that protects enterprises in a challenging security environment.

Learn More

Blog | Aug 25, 2020

What is a Vulnerability Assessment and Why is it Important?

Explore what a vulnerability assessment is and the importance of having a thorough analysis applied to your organization.

Learn More

Blog | Aug 24, 2020

MassLogger Malware

This threat report provides an overview of the MassLogger malware, the tactics, techniques and procedures, and what you can do to protect your organization.

Learn More

Blog | Aug 20, 2020

EDR vs. MDR: Which Threat Detection is Right for You?

This post explores using EDR vs. MDR for threat detection to protect against cybersecurity threats to help determine which is right for your organization.

Learn More

Blog | Aug 18, 2020

Is Artificial Intelligence (AI) in Cybersecurity the ultimate solution? Short Answer: No, and also Yes

This post provides an examination of artificial intelligence in cybersecurity for a more profound understanding of precisely what AI can and cannot do.

Learn More

Blog | Aug 17, 2020

Russian Drovorub malware affects Linux Systems

This threat report covers the Drovorub malware, which affects Linux systems and is attributed to the Russian military unit known as the GRU.

Learn More

Blog | Aug 13, 2020

Using Application Whitelisting Best Practices to Stop Malware

We dive into the difference between whitelists vs. blacklists to explore using application whitelisting software in order to stop malware. Read the blog.

Learn More

Threat Report | Aug 12, 2020

Netwalker Ransomware offered as Ransomware-as-a-Service creating increased prevalence

This threat report is about the NetWalker ransomware considered highly dangerous due to advanced anti-detection and persistence techniques.

Learn More

Blog | Aug 11, 2020

Make PCI Compliance Easier; Automate PCI DSS Requirement 11.2

Automating PCI DSS Requirement 11.2 using vulnerability scanning is the best way for a merchant or service provider to fulfill the mandate.

Learn More

Blog | Aug 6, 2020

Least Privilege: Minimizing Permissions to Improve Cybersecurity

Why least privilege through minimizing permissions and account separation is worth the resulting lowered exposure to cyberattacks.

Learn More

Blog | Aug 5, 2020

Ensiko Web Shell Infects Windows, Linux and MacOS Systems

This threat report provides actionable intelligence to protect against the Ensiko web shell that affects Windows, Linux, and MacOS systems.

Learn More

Blog | Aug 4, 2020

How to apply SOC 2 Type 2 Trust Services criteria to your business

This article explains the SOC 2 Type 2 Trust Service Criteria (TSC) for SOC audit reports and how to apply them to your business.

Learn More

Blog | Jul 30, 2020

Demystifying Zero Trust: What is Zero Trust Security, and how can it bolster your environment?

What is Zero Trust security? How can it bolster your information security environment? Learn if a zero trust security model is right for your organization.

Learn More

Blog | Jul 28, 2020

SOC Audit Report Basics: The What, Why, Who and How

Learn SOC audit report basics: What is a SOC audit report, what's the difference between a SOC 1, SOC 2 and SOC 3 report, Type 1 vs. Type 2, and more.

Learn More

Blog | Jul 27, 2020

SIGRed "Wormable" DNS Server vulnerability is critical to address

SIGRed, assigned as "wormable" DNS Server vulnerability may allow malicious actor Domain Administrator rights with devastating financial impact.

Learn More

Blog | Jul 20, 2020

Zoom Client for Windows Vulnerability recently discovered

Threat report about a newly discovered Zoom Client for Windows vulnerability that allows a remote attacker to execute arbitrary code on a victim’s computer.

Learn More

Blog | Jul 17, 2020

Why Root Cause Analysis is Crucial to Incident Response (IR)

Performing incident response root cause analysis can help your organization identify outlying factors that may have contributed to a data breach. Read more.

Learn More

Blog | Jul 15, 2020

How to write a Business Continuity Plan to fit your enterprise

How to write a business continuity plan to fit your business, including primary goals, what a BCP includes, and business continuity planning steps.

Learn More

Blog | Jul 15, 2020

Avertium adds Sophos 2020 MSP Partner of the Year, Americas to List of Partner Awards

Avertium Adds Sophos 2020 MSP Partner of the Year, Americas to List of Partner Awards

Learn More

Blog | Jul 13, 2020

Citrix Vulnerabilities: NetScaler ADC, NetScaler Gateway and SD-WAN WANOP

This threat report is about a series of Citrix vulnerabilities within Citrix ADC (NetScaler ADC), Gateway (NetScaler Gateway), and SD-WAN WANOP.

Learn More

Blog | Jul 9, 2020

Why Patch Management is Important for Cyber Security

This post explains strong patch management importance in cyber security, best practices, and how to implement a program that manages risk.

Learn More

Blog | Jul 7, 2020

What's New in HITRUST CSF Version 9.4 CMMC and NIST Mapping

Learn about the added HITRUST CMMC and NIST mapping aspects of this recently released HITRUST CSF version 9.4.

Learn More

Blog | Jul 6, 2020

Palo Alto PAN-OS Vulnerability with CVSS score of 10 issued

This threat report is about CVE-2020-2021, a newly discovered critical vulnerability in the Palo Alto PAN-OS and carries a CVSS score of 10.

Learn More

Blog | Jun 30, 2020

Am I ready for a PCI ROC?

This post answers PCI Report on Compliance (ROC) questions, help you determine if you're ready, and gives tips for doing a PCI readiness assessment.

Learn More

Blog | Jun 29, 2020

Cisco Webex Meetings Desktop App Vulnerability

This threat report is about a Cisco Webex Meetings Desktop App vulnerability referred to as CVE-2020-3263 with Cisco updates to remediate.

Learn More

Blog | Jun 25, 2020

Cloud Security Using Defense in Depth

Learn the argument for defense cloud security, the challenges of implementing cloud cybersecurity, and how to protect your cloud environment. Read the blog.

Learn More

Blog | Jun 25, 2020

First HIPAA Risk Assessment? Here's how to be prepared

This article provides an introduction to HIPAA risk analysis and four things to remember when preparing for your first HIPAA risk assessment.

Learn More

Blog | Jun 23, 2020

Ransomware Prevention to Incident Response

This article covers ransomware prevention to incident response to help you protect against ransomware or recover from a ransomware attack.

Learn More

Blog | Jun 22, 2020

New FK_Undead Malware Modules

This threat report is about a set of new modules added to the FK_Undead malware and provides actionable intelligence to protect against this threat.

Learn More

Threat Report | Jun 19, 2020

Recent surge in two WordPress attacks

This threat report is about a surge in WordPress attacks using cross-site scripting (XSS) and the “wp-config.php” file and how to defend against them.

Learn More

Blog | Jun 17, 2020

10 factors for Cloud Security during selection and implementation

Cloud security during selection and implementation that considers data governance, data security, and remote workforce's usage of technology.

Learn More

Blog | Jun 16, 2020

Do I have to be PCI compliant?

This article offers PCI DSS information to help you answer, "Do I have to be PCI compliant?", explains the QSA's role and how to avoid heavy fines.

Learn More

Blog | Jun 11, 2020

Does HIPAA apply to me?

"Does HIPAA Apply to Me?" answers if your organization must be HIPAA compliant and how to adhere to HIPAA Rules for protected health information (PHI).

Learn More

Blog | Jun 10, 2020

VMWare Tools Vulnerability Allows Administrative Access

This threat report is about VMware tools vulnerability CVE-2020-3957 that can allow an attacker to gain administrative level privileges on a system.

Learn More

Blog | Jun 9, 2020

Password Spray Attack Q&A with a Penetration Tester

Learn from a pen testing expert about the password spray attack hackers use to gain account access and how to protect against this type of cyber attack.

Learn More

Threat Report | Jun 8, 2020

Ragnar Locker Ransomware New Evasion Technique

This threat report is about the Ragnar Locker ransomware and a new defense evasion technique using virtual machines and running VirtualBox in headless mode.

Learn More

Blog | Jun 3, 2020

PCI DSS business as usual: The pandemic proved why businesses should adhere

PCI DSS Business as Usual is the best way to ensure you're protecting credit card data as part of regular operations. The pandemic proved this. Learn how.

Learn More

Blog | Jun 2, 2020

Monitoring Telework Security with Disappearing Network Perimeters

Establishing ways of monitoring telework security with disappearing network perimeters, securing endpoints, and considering employee privacy is crucial.

Learn More

Blog | May 28, 2020

5 Considerations for writing New Remote Workforce Policies and Procedures

Writing new remote workforce policies and procedures for cybersecurity requires special considerations, which we explore in this article.

Learn More

Blog | May 27, 2020

3 differences in Incident Response for a new remote workforce

Explore incident response for a new remote workforce and how to prepare for an incident response team (IRT) answering to a security incident.

Learn More

Blog | May 27, 2020

Ramsay Malware targets Windows OS

This threat report is about Ramsay malware that targets Windows operating system hosts to steal valuable intelligence for espionage-related reasons.

Learn More

Blog | May 26, 2020

Gauging Risk Tolerance for Remote Workforce Security versus Privacy

As organizations adjust to and consider permanently adopting a telework model, they must consider the privacy vs. remote workforce security implications.

Learn More

Blog | May 21, 2020

The Importance of Identity Management and Governance for Telework Security

The importance of identity management and governance for telework security was revealed with the shift to telecommuting for pandemic response. Learn more.

Learn More

Blog | May 19, 2020

The Business Continuity Shift: Ensuring Telework Security

Ensuring telework security means going beyond most existing BCPs to address unprecedented considerations in protecting a majority virtual work environment.

Learn More

Blog | May 18, 2020

Critical Palo Alto firewall vulnerabilities identified

This threat report is about critical Palo Alto firewall vulnerabilities PAN-SA-2020-0005 PAN-OS, PAN-SA-2020-0006 PAN-OS, CVE-2020-2018, and CVE-2020-2005.

Learn More

Blog | May 14, 2020

10 Ways Using SIEM Technology can automate fulfilling HIPAA Regulations

SIEM technology can automate fulfilling HIPAA regulations to help healthcare organizations achieve compliance and improve their security posture. Learn how.

Learn More

Blog | May 12, 2020

Newly discovered SolarWinds MSP Vulnerability presents nation-state threat

This threat report is about a recently discovered SolarWinds MSP patch management engine (PME) vulnerability called CVE-2020-12608.

Learn More

Blog | May 12, 2020

Using MITRE ATT&CK Framework for Beyond-Checkbox Cybersecurity

Using the MITRE ATT&CK framework helps cybersecurity teams get insight into the tactics, techniques, and procedures adversaries use to compromise networks.

Learn More

Blog | May 7, 2020

4 Security precautions before reintroducing devices to the network

During the transition back to office environments, organizations should take these four security precautions before reintroducing devices to the network.

Learn More

Blog | May 6, 2020

Achieve Secure Cloud Adoption using HITRUST

We explain how using HITRUST to achieve secure cloud adoption helps assign responsibility for security controls between businesses and third-party vendors.

Learn More

Blog | May 5, 2020

3 things for HIPAA Compliance when returning to normal operations

Here are things your workers responsible for protecting the privacy of PHI at all times should do for HIPAA compliance when returning to normal operations.

Learn More

Blog | May 4, 2020

VMWare ESXI Vulnerability Allows Malicious Code Injection

Learn about CVE-2020-3955, a VMWare ESXI vulnerability caused by the improper validation of user-supplied inputs, and what to do to protect your business.

Learn More

Blog | Apr 30, 2020

Complying with HIPAA Encryption Standards: What you need to know

Successfully complying with HIPAA encryption standards to protect ePHI is expected by HHS. Learn what you need to do to be HIPAA compliant.

Learn More

Blog | Apr 28, 2020

Remaining PCI compliant while reopening following COVID-19

Businesses returning to normal operations and that handle credit cards must keep their eye on remaining PCI compliant while reopening following COVID-19.

Learn More

Blog | Apr 28, 2020

How to know if your MSSP is equipped to support you through a breach

It’s crucial your MSSP is equipped to support you in the case of a breach by being able to pivot from normal operations to incident response on your behalf.

Learn More

Blog | Apr 27, 2020

New Spear Phishing Attacks use fake O365 link to gain access

Avertium reports on new spear phishing attacks by a well-known threat actor involving a macro infested Word document using a fake Office 365 link.

Learn More

Blog | Apr 24, 2020

Why Pen Tests are key to a Robust Incident Response Plan

Security incidents are expensive and timely detection is key. You can develop a more relevant IR plan by assessing vulnerabilities through a pen test.

Learn More

Threat Report | Apr 21, 2020

Threat Report: APT41 using Speculoos to exploit Citrix Vulnerabilty

APT41 using Speculoos, a custom-coded backdoor trojan, to exploit a well-known Citrix vulnerability is dangerous for users. Learn why.

Learn More

Blog | Apr 21, 2020

CISO Advice: Operating to a Cybersecurity Gold Standard during crisis

CISO advice for ensuring your managed security service provider is protecting you and themselves by adhering to a cybersecurity gold standard.

Learn More

Blog | Apr 16, 2020

Community Bank Cybersecurity during COVID-19

Community bank cybersecurity has become even more difficult during COVID-19 due to the shift to a remote workforce and increased phishing scams. Learn more.

Learn More

Blog | Apr 14, 2020

How to protect workers from increased phishing attacks during COVID-19

Protect your workers from increased phishing attacks during COVID-19 by teaching them phishing scam indicators, creating a safe reporting culture, and more.

Learn More

Blog | Apr 13, 2020

CVE-2020-3952 VMWare vCenter Software Vulnerability

This report is about the CVE-2020-3952 VMWare vCenter software vulnerability caused by improper access controls affecting the VMware Directory Service.

Learn More

Blog | Apr 8, 2020

AT&T Cybersecurity names Avertium 2019 North American Partner of the Year

Avertium is named AT&T Cybersecurity's 2019 North American Partner of the Year. The award recognizes Avertium for outstanding growth in North America.

Learn More

Blog | Apr 8, 2020

Restaurants, Be Aware of PCI DSS Requirement 3.2 during COVID-19

Restaurants need to be aware of PCI DSS requirement 3.2 and how it relates to the new carry out and curbside business models spurred by COVID-19.

Learn More

Blog | Apr 7, 2020

3 Ways to stay PCI Compliant during the COVID-19 Pandemic

Businesses transitioning to support remote work environments to remain operational need to stay PCI compliant during the COVID-19 pandemic. Learn how.

Learn More

Blog | Apr 6, 2020

Stop using online collaboration tools until you read this

This article covers online collaboration tools security and explains the associated risks and best practices for protecting your workers.

Learn More

Blog | Apr 6, 2020

Zoom virtual meeting Vulnerabilities

This threat report covers Zoom virtual meeting vulnerabilities with potential for immense concerns, their potential impact and Avertium's recommendations.

Learn More

Blog | Apr 2, 2020

HIPAA Compliance during the COVID-19 Outbreak

HIPAA outlines special provisions for information sharing. We've outlined below the various scenarios in which the sharing of patient data without authorization is permissible.

Learn More

Blog | Mar 31, 2020

Cybersecurity tips for your remote workers

We've put together a list of cybersecurity tips for users who are working from home for the near to mid-term future as the world responds and takes measures to contain the spread of COVID-19.

Learn More

Blog | Mar 24, 2020

COVID-19 Phishing Scams to Watch For

Covid-19 phishing scams and other social engineering tactics exploiting this confusing time are surfacing. Watch for these to protect your organization.

Learn More

Blog | Mar 23, 2020

Latest Pawn Storm attack methods

An analysis of Pawn Storm aka APT28 aka Fancy Bear. It contains recommendations on how to prevent an attack in 2020.

Learn More

Blog | Mar 17, 2020

Avertium COVID-19 Preparedness and Response: An Open Letter from CEO Jeff Schmidt

An open letter from Avertium's CEO Jeff Schmidt to customers and partners regarding COVID-19 preparedness and response.

Learn More

Blog | Mar 16, 2020

Remote Workforce Security: 4 Best Practices

Four best practices for securing an expanding remote workforce during the COVID-19 pandemic.

Learn More

Blog | Mar 16, 2020

Vulnerability CVE-2020-0684 detected in Windows .LNK files

This report gives information about CVE-2020-0684 regarding a vulnerability that affects Windows .LNK files. Patching version included.

Learn More

Blog | Mar 9, 2020

Cybersecurity Spring Cleaning: 7 Steps for Critical Data Scanning

Cybersecurity spring cleaning should include critical data scanning using these 7 steps for data hygiene at least once a year. Learn more.

Learn More

Blog | Mar 9, 2020

ManageEngine Desktop Central, CVE-2020-10189

This threat report gives information about CVE-2020-10189 regarding a vulnerability the ManageEngine Desktop Central software. Patching version included.

Learn More

Blog | Mar 3, 2020

3 Reasons why you need a Human-Run Penetration Test

A human-run penetration test is a cybersecurity best practice that allows ethical hackers to proactively discover vulnerabilities for remediation.

Learn More

Blog | Feb 26, 2020

Avertium named to CRN MSP 500 Top 100 Security List for fourth consecutive year

Avertium, the national managed security and consulting provider, announced the company has been named to the CRN® 2020 MSP 500 Security 100 category.

Learn More

Blog | Feb 25, 2020

CVE-2020-1938, GhostCat Vulnerability

This threat report gives info. about CVE-2020-1938, or GhostCat, a vulnerability that affects the Apache Tomcat software package. Patching versions included.

Learn More

Blog | Feb 25, 2020

Why your Customer Service needs Chatbot Security

Chatbot security is important as customer service uses more sophisticated artificial intelligence (AI) tools to collect personal data.

Learn More

Threat Report | Feb 3, 2020

Ragnorak and Eternal Blue Exploit CVE-2019-19781

This report is about a ransomware campaign that utilizes Ragnorak and Eternal blue to exploit the heavily reported vulnerability CVE-2019-19781.

Learn More

Threat Report | Dec 5, 2019

Dexphot Polymorphic Malware

Report on Dexphot polymorphic malware whose campaign is to crytomine but deploys a sophisticated approach that makes detection and deploying countermeasures difficult.

Learn More

Threat Report | Nov 26, 2019

Firefox Vulnerability and Fake Tech support page scammers

A report in the Firefox vulnerability and the fake technical support page scam that attempts to steal credentials with our recommended countermeasures.

Learn More

News & Resources

How Your Third Parties are Making You Uninsurable

How Did We Get Here? The Past, Present, and Future of Supply Chain Risk

Flash Notice: [CVE-2022-1040] Critical Sophos Firewall RCE Vulnerability

API Attacks & Best Practices

The Top 5 Cyber Threats Within the Manufacturing Industry

Flash Notice: [CVE-2022-1388] Critical Remote Code Execution Vulnerability Found in F5's BIG-IP Systems

Ragnar Locker Ransomware: Everything You Need To Know (Attacks & Analysis)

How is the U.S. government preparing for critical infrastructure attacks?

Flash Notice: Critical RCE Vulnerability Found in VMware Workspace ONE Access & Identity Manager

An In-Depth Look at Data Extortion Group, Lapsus$

Russia vs. Ukraine Part Two

What's Quantum Computing Got to do With It?

An In-Depth Look at Iranian APT "MuddyWater"

An In-Depth Look at Pandora Ransomware

Flash Notice: [CVE-2022-22965] Critical Zero-Day RCE Vulnerability Found in VMware's Spring Framework

How to Detect Ransomware: Best Practices for Avoiding Malware Attacks

Flash Notice: [CVE-2022-1096] Zero-Day Google Chrome Type Confusion Vulnerability

Remain Vigilant: Log4Shell Still Being Exploited

2022 Ransomware Trends

Flash Notice: Authentication Company, Okta, Breached by Lapsus$

How to Raise Your Healthcare Organization’s Game to Combat Cybercriminals

An In-depth Look at Conti's Leaked Log Chats

Not all Penetration Tests are Created Equal: Tools for Effective Pen Testing

Flash Notice: The Cyber War Continues - CaddyWiper vs RURansom

Flash Notice: Russian State-Sponsored Threat Actors Bypass Two-Factor Authentication Implementation, Gain Access to Cloud Storage Services

An In-depth Look at the Kraken Botnet

"Bronze Mohawk" & Cyber Espionage

2022 Cybersecurity Predictions

Flash Notice: HermeticWizard, HermeticRansom, and IsaacWiper Target Ukraine

Roaming Mantis, an Evolving Phishing Campaign

How to Prevent a Cyber Attack

Federal Agencies Warn of Cyber Threats After Russia Sanctions

Fears Rise of Potential Russian Cyberattacks on US, Allies Over Sanctions

The Art & Science of Threat Hunting – A Guide to Preventing Cyber Attacks

Flash Notice: [New Malware] - CISA Warns of Renewed Russian Threat as New Activity is Seen in Ukraine

Flash Notice: [CVE-2021-24086] Critical RCE Bug in Adobe Commerce, Magento

Super Bowl Weekend: BlackByte & Coinbase Were the Real Stars of the Show

Flash Notice: Moxa MXview Network Management Software has Critical Security Flaws

BlackCat Ransomware & Triple Extortion (Analysis & Tactics)

Avertium Recognized on CRN's Top 100 Managed Security Provider for Sixth Consecutive Year

Everything You Need to Know About Night Sky Ransomware

Flash Notice: LockBit 2.0 - FBI Releases New IoCs for Ransomware Attacks

How WhisperGate Affects the U.S. and Ukraine

Looking Back & Moving Forward: An Overview of 2021 Cybersecurity Events & Predictions for 2022

Flash Notice: “PwnKit”: Linux PolicyKit Security Vulnerability Discovered in Polkit’s Pkexec, Hiding in Plain Sight for 12 years

Flash Notice: Threat Actors Target SonicWall RCE Vulnerability (CVE-2021-20038)

Introducing Norton 360 and Avira's Built-In Cryptocurrency Miners

Avertium named 2021 LogRhythm Managed Services Partner of the Year

Understanding Cybersecurity Best Practices

Flash Notice: Microsoft Warns - Ukrainian Organizations Targeted by Destructive Malware Disguised as Ransomware

An In-Depth Look at Ransomware Gang, Sabbath

Log4Shell Post-Mortem and What We Learned About Open-Source Security

Flash Notice: Y2K22? Microsoft Exchange Server Breaks as we Welcome the New Year

Avertium's Paul Caiazzo Featured at the 2021 Channel Partners Conference & Expo

End of Year Recap for 2021

Flash Notice: (UPDATED) Zero-Day Vulnerability - Log4Shell is a Critical Threat to Applications

UPDATE: APT Group Continues to Exploit Multiple Zoho ManageEngine Vulnerabilities

Flash Notice: APT Group Continues to Exploit Zoho ManageEngine ServiceDesk Plus Vulnerability

An In-Depth Look at Yanluowang Ransomware

Flash Notice - Wormable Security Vulnerability Found in Several HP Printer Models

Everything you need to know about HITRUST - r2, bC, & i1 Assessments

Law Enforcement Cracks Down, Threat Actors Disappear & Re-Emerge

RaaS gangs, Drive-By Downloads, and Botnets - Are You a Target?

Vishing vs. Smishing- Stay Educated on the Latest Cyber Attacks

Flash Notice - Windows Zero-Day 'InstallerFileTakeOver' Vulnerability Allows Unauthorized Users to Become an Admin

Flash Notice - APT Group Exploits FatPipe Zero-Day Vulnerability for 6 Months

Flash Notice - Emotet Botnet is Back with New Spam Campaigns

Flash Notice - BotenaGo Botnet Could Affect Millions of Routers & IoT Devices

HIVE Ransomware: Everything You Need To Know (Attacks & Analysis)

Creating a Business-First Incident Response Plan

TIR-20211004 An In-Depth Look at Ransomware Gang, Conti

Stay Vigilant With Cybersecurity During the Holidays

Flash Notice - Philips TASY EMR Vulnerabilities Could Cause Patient Data Breach

Avertium Joins the Microsoft Intelligent Security Association

The Resurgence of Russian Threat Actor, NOBELIUM

The Top 5 Cyber Threats in the Healthcare Industry

CIOReview Awards Avertium – Security You Can Trust

Cyber Insurance - Is Advanced Protection Worth it?

TIR-20211011 DDoS Attacks & The Meris Botnet