Tag: ransomware

TAG Cyber Research Article: Understanding Compromise Intelligence

by Ed Amoroso, CEO and Founder, TAG Cyber Compromise intelligence offers cyber defenders a means to utilize cyber threat information about malicious actor behavior to discover and contextualize compromises. Ed Amoroso describes what it is, how it works and to implement this compromise intelligence with Prevailion. Understanding Compromise Intelligence

Do You Even DNS Log Bro?

by Will Gragido, Chief Strategy Officer – Prevailion, Inc. Intelligence analysis is dependent upon many things not the least of which are collections and access to data (e.g., pcaps, logs etc.) sourced from within the network. Prevailion affords its customers the ability to view intelligence related to real state of compromise outside the network’s perimeter. […]

How Vulnerable Are America’s Utilities?

Undoubtedly, news that a Florida water plant had been hacked raised a lot of alarms outside the cybersecurity industry. The idea that a water source could be contaminated hit home for many Americans, highlighting the vulnerability of the nation’s utilities and critical infrastructure. But this attack came as no surprise to security experts. It was […]

UNC1878 Continues to Infect Hospital Networks

Last October, a threat actor known as UNC1878 made headlines for a widespread criminal campaign targeting the healthcare industry (and other organizations) around the world. Over three months have passed since this group’s activities became widely known, yet in spite of high public awareness, many of UNC1878’s victims remain actively compromised to this day. Prevailion’s […]

Like the Pandemic’s Asymptomatic, Dormant Ransomware Poses Security Challenges

Over the past year, the global pandemic has taught the cybersecurity industry a lot about the spread of infection–how to control it, how to mitigate against it, and (sometimes) how to detect it. But more often than not, in both humans and cybersecurity, detection only happens because of indicators.  What remains a mystery and consequently […]

Ransomware crime group known as UNC1878

On the Trail of UNC1878

Since October 28th, Prevailion has been investigating current and potential future victims of the ransomware crime group known as UNC1878. While our investigation is still underway, we have so far identified hundreds of organizations worldwide that show compromise activity by this threat actor, and which may be in the early- to mid-stages of a Ryuk […]

Copyright 2021 Prevailion, Inc. All rights reserved.    

Disclaimer: Gartner “Cool Vendors in Security Operations and Threat Intelligence,” Mitchell Schneider, Ruggero Contu, John Watts, Craig Lawson, October 13, 2020. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner Disclaimer: The GARTNER COOL VENDOR badge is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.