The IT Nerd

Nuspire, a leading managed security services provider (MSSP), today announced the release of its Q1 2022 Threat Report. The report outlines new cybercriminal activity and tactics, techniques and procedures (TTPs), as well as provides data and insight into malware, exploit and botnet activity.

Nuspire’s data revealed a significant number of new vulnerabilities leading to increases in threat actor activity across all three of the threat classifications it studies: malware, botnets and exploits. Of note are several older botnets that saw a resurgence in Q1, including Mirai, STRRAT and Emotet. 

Mirai, known for co-opting IoT devices to launch DDoS attacks, showed a spike in activity in February 2022. This corresponded with the discovery of Spring4Shell, a zero-day attack on popular Java web application framework, Spring Core. The attack allows for unauthenticated remote code execution, and data show Mirai exploited this vulnerability to its botnet.

STRATT botnet, which engages in information stealing, keystroke logging, and credential harvesting from browsers and email clients, also spiked in February. This data corresponds with recent announcements identifying a new STRRAT phishing campaign. 

Additional notable findings from Nuspire’s Q1 2022 Threat Report include:

• Incidences of malware, botnet and exploit activity increased 4.76%, 12.21% and 3.87% respectively over Q4 2021. 
• Visual Basic Applications (VBA) trojans continue to be the top malware variant, comprising nearly 30% of all malware variants. Of note is its activity spiked just prior to Microsoft’s announcement of plans to block VBA macros by default on Office products. 
• Brute force attacks – when threat actors guess different combinations of potential passwords until the correct password is discovered – were by far the most popular exploit at 61%. 

For those interested in getting an in-depth overview of the report, Nuspire is hosting a webinar this Thursday, May 12 at 2 p.m. ET, featuring the cybersecurity experts who compiled the research. You can register here. 

Nuspire, a leading managed security services provider (MSSP), has been named a Representative Vendor in the 2022 Gartner Market Guide for Managed Security Services (MSS).

The Market Guide for Managed Security Services provides an update of the current MSS definition, description and direction of the market, and recommendations for companies looking to invest in MSS services, including a list of 40 vendors out of 500 in the MSS market. 

Key findings in the market guide include: 

• “Managed security services (MSS) providers offer an array of security services that vary from provider to provider. This breadth of service offerings provides wide choice but increasingly overlaps with capabilities offered by other market segments.
• Differentiation and comparison between MSS providers can be hard for buyers to quantify, as service capabilities and delivery models vary greatly from provider to provider.
• SaaS security capabilities have taken precedence for many buyers, significantly reducing the requirement to utilize a third-party provider to maintain security technology.
• Non-security-specific vendors in the IT outsourcing (ITO) and network service provider (NSP) markets commonly offer implementation and management services for security technologies, reducing cost by co-contracting network, desktop and security outsourcing.”

To download the 2022 Gartner Market Guide for Managed Security Services, click here: https://www.nuspire.com/resources/download-gartner-market-guide-for-managed-security-services/. 

Nuspire, a leading managed security services provider (MSSP), announced today that it has been named the Best and Brightest Companies to Work For In the Nation, and in Denver and Detroit for 2021 by the National Association for Business Resources. 

The Best and Brightest Companies to Work For In The Nation releases the results of the spring, summer, fall and winter applications. The fall Best and Brightest National winners honored 167 winning organizations from across the country out of 1,500 nominations. This year is the sixth year Nuspire has been named a Best and Brightest winner in the nation, the first year to be recognized as a Denver winner and the ninth year as a Metro Detroit winner.  

The Best and Brightest Companies to Work for Program identifies and honors companies from across the nation based on their compensation, benefits and employee solutions; employee enrichment, engagement and retention; employee education and development; recruitment, selection and orientation; employee achievement and recognition; communication and shared vision; diversity and inclusion; work-life balance; community initiatives; and strategic company performance. Winners of the competition deliver exceptional human resource practices and have a remarkable commitment to their employees. 

To view current job opportunities and to become part of an exciting work environment at Nuspire, please visit https://www.nuspire.com/careers or https://www.linkedin.com/company/nuspire/jobs.  

Nuspire today announced the release of its 2021 Q3 Quarterly Threat Landscape Report. Sourced from 90 billion traffic logs, the report outlines new cybercriminal activity and tactics, techniques and procedures (TTPs), with additional insight from its threat intelligence partner, Recorded Future.

In Q3 2021, Nuspire security experts witnessed an 82.6% increase in exploit activity, including a spike in activity against newer vulnerabilities; ProxyShell and ProxyLogon, which are two particularly aggressive vulnerabilities affecting Microsoft Exchange Servers. 

Additional notable findings from Nuspire’s 2021 Q3 Threat Landscape Report include:

• -71% decrease in VBA Agent Activity, likely due to threat actors re-tooling payloads in preparation for the Q4 2021/ Q1 2022 Holiday Season
• Two previously unseen botnets have made their way into the top 5 most active in Q3. (XorDDOS and BadRabbit Botnets)
• SMB & SSH Bruteforcing lead again in highest witnessed exploitation attempts in Q3

I spoke to Josh Smith of Nuspire about this and I got the following highlights out of our conversation:

• Even though law enforcement is really dropping the hammer on gangs like Evil, organizations really need to step up their threat detection and response game. This report has some suggestions on that front that I really think that organizations can and should implement ASAP.
• Ransomware is still the “low hanging fruit” because it’s so profitable and the use of botnets and VBA scripts to accomplish that simply illustrates that. It’s basically a “fire and forget” means to try and acquire victims which makes it a low effort/high reward proposition. It also means that these ransomware gangs will simply move on to the next potential target.

Clearly we still live in a universe where the threats are everywhere, and organizations need to protect themselves accordingly. Learn more about protecting your organization from increasing cyber threats by downloading Nuspire’s 2021 Q2 Threat Landscape Report.

Nuspire today announced the release of its 2021 Q2 Quarterly Threat Landscape Report. Sourced from 90 billion traffic logs, the report outlines new cybercriminal activity and tactics, techniques and procedures (TTPs) with additional insight from its threat intelligence partner, Recorded Future. 

In a recent Forrester podcast, security analysts discuss ransomware attacks becoming more common and more damaging. “Critical infrastructure organizations like hospitals or energy providers are more lucrative targets for attackers because the impact of their shutdown is more immediate and could threaten lives, forcing victims to pay the ransom quickly.”

In Q2 2021, Nuspire security experts witnessed a 55,239% increase in ransomware activity just a few weeks prior to the Colonial Pipeline Ransomware attack conducted by DarkSide Ransomware group. The reason for the increase is not known and it may not be related to Colonial Pipeline, but one can speculate that the increase could be from the same campaign with Colonial Pipeline.

 Additional notable findings from Nuspire’s 2021 Q2 Threat Landscape Report include:

• Malware activity up 41.84% and continues to be driven by VBA Agent Activity and a new addition of JS/Valkyr activity
• Botnet activity down -50% from Q1, which is likely a result from the impact of Emotet being removed from the space
• -51% decrease in exploit activity from Q1, but beginning to trend back up into Q3 as well as a large increase in SSH Bruteforce activity that has not been seen before

I spoke to the folks at Nuspire about this and they do these reports to highlight to customers what’s out there and how best to avoid becoming the next victim. In terms of the latter, it really comes down to a handful of things that might sound familiar to you:

• Educate all users, often
• Take a layered approach to security
• Up your game when it comes to malware protection
• Segregate higher-risk devices from your internal network
• Patch all the things

Learn more about protecting your organization from increasing cyber threats and download Nuspire’s 2021 Q2 Threat Landscape Report. There’s a live webinar planned to discuss these results on the 14th of September which you can sign up for here.

Nuspire, leading Managed Security Services Provider (MSSP) that is revolutionizing the cybersecurity experience, today announced its new managed EDR service that supports best in breed EDR technologies from Carbon Black, SentinelOne and others to help clients manage their EDR solutions and automate responses.

Nuspire’s EDR service provides the SOC as a Service (SoCaas) for clients when they have limited resources, 24×7 time, or expertise to manage, or monitor their EDR technology. With this service, Nuspire’s security experts automatically respond to incidents, help clients understand what technology best suits their organization’s needs, and receive full visibility of their security program through one tool.

myNuspire, a revolutionary technology agnostic and fully customizable security operating system, was launched earlier this year in May. With these leading EDR technologies integrated into the myNuspire platform, CISOs and security analysts have a crystal-clear picture into the security posture of their organizations in real-time, while controlling and contextualizing all available information of a security program at a glance.

To learn more about our managed EDR service and the solutions we provide, visit https://www.nuspire.com/services/endpoint-detection-and-response/  

Nuspire is a leading managed security services provider (MSSP) that is revolutionizing the cybersecurity experience by taking an optimistic and people first approach. Their deep bench of cybersecurity experts, world-class threat intelligence and 24×7 security operations centers (SOCs) detect, respond and remediate advanced cyber threats. Nuspire offers comprehensive services that combine award-winning threat detection with superior response capabilities to provide end-to-end protection across the gateway, network and endpoint ecosystem. Their client base spans thousands of enterprises of all sizes, across multiple industries, and achieves the greatest risk reduction per cyber-dollar spent. Nuspire is laser-focused on delivering an extraordinary cybersecurity experience that exceeds client expectations.

For more information, visit www.nuspire.com