Introducing the MOXFIVE Insights Report!
Our inaugural edition provides context around themes that impacted cybersecurity risk during the first half of 2022. Derived from providing forensics, recovery and resilience services through our platform, our goal is to provide a deeper understanding of the current cyber threat landscape and help organizations make better, more informed decisions.
Ransomware Recovery Tales: A Tale of Two Clients
When responding to a ransomware incident, making the right decisions is critical and can make the difference between an easier path and a harder one. In this blog, we tell the tales of two clients and the lessons learned so you can avoid the hard path.
Investigating Business Email Compromises
Business Email Compromises (BECs) continue to be one of the top attack vectors, costing organizations over $2.3 billion in 2021. In this blog, we share priorities and key methodologies for investigating these attacks.
Minimizing the Impact: Network Segmentation
Host-based microsegmentation offers a wide range of advantages over legacy counterparts, allowing organizations to apply segmentation at much deeper granularity, including host, user, or application levels.
Logging to Enable Forensics
Logs are critical sources for forensics investigations. This blog looks at various log sources and the key takeaways to consider when building the retention strategy that's best for your organization.
Incident Managers: Bringing Order to Chaos
Our MOXFIVE Incident Managers are critical to every project we manage at MOXFIVE. Learn more about their role and how they enable everyone in the process to focus on what they do best.
Minimizing the Impact: Securing Active Directory
Gaining access to Active Directory is often a goal of threat actors during an intrusion. In this blog, we look at two key workstreams that add security layers, making it more difficult for threat actors to achieve this goal.
The Continued Risk of Log4j
The worst of the Log4j fire drill might be behind us (for now), but the opportunity for new exploits still remains. Learn how a Software Bill of Materials (SBOM) and other best practices can help reduce future impacts and improve your overall security posture.
Minimizing the Impact: Multifactor Authentication
Credentials being stolen, reused, or even guessed often leads to an intrusion, or turns what could have been a small incident into an enterprise-wide issue. Multifactor Authentication (MFA) is a critical layer of protection to help minimize this risk.
Regulations + Insurance: Shifting the Tide
Regulations abound and new ones are added all the time, but breaches still happen. Why? Because compliance frameworks are flawed and do not get into the technical weeds on effective implementation. There is an opportunity for the insurance industry to help drive things forward, especially for SMBs.
Incident Management Chronicles: Recovery vs Forensics
The lines between forensics and recovery can easily blur during incident response. Using an approach that delivers both in parallel helps minimize business interruption and get organizations back online more quickly.
How to Mature Threat Hunting Programs
Building threat hunting skills within your team can help prevent burnout, up-level skills and give your team a broader understanding of your security environment.
Ransomware Payment Bans are Bad Policy
This year’s Colonial Pipeline breach turned a spotlight on the debate over whether or not cyber ransoms should be paid by victims of these attacks. This blog examines why we think payment bans are bad policy.
Open-source Security Spotlight: pfSense
Open-source software is used in a wide variety of projects, including the recent Mars helicopter, Ingenuity! In this blog, we take a look at the open-source network security solution, pfSense, and the many ways it can be used.
Dispatch from the Front Line
In July 2019 we posted our inaugural blog and introduced our idea of how a Technical Advisor could help companies better manage the incident response process. Two years (and hundreds of incidents) later, we've learned many lessons that help our clients recover quickly and effectively.
Tabletops Improve Incident Response
Tabletops can help improve organizational awareness and streamline Incident Response efforts. Learn how they can help mature your security posture and develop your teams' skills.
Maximizing Red/Blue Team Effectiveness
Fusing the efforts of your red and blue teams by implementing a purple team approach enables analysts to cross-train, collaborate, and respond more effectively during an incident.
Common Misconceptions of Business Recovery
Recovering from a cyber incident is a complicated and challenging process. Read our top 6 factors that can help determine whether the recovery process runs smoothly... or not.
In Times of Crisis: Focus, Plan, Ask for Help
Every pilot learns the mantra "Aviate. Navigate. Communicate." during their initial flight training. It is easy to remember in a crisis, and it reminds the pilot of the order of priorities required to execute an optimal recovery.
Think Before you “Brick”
Over the last year, insurance carriers have looked for innovative ways to expand coverage. One such area is coverage around “bricking”. A...
The Next Phase in Cyber Insurance
Cyber claims have departed from lost laptops and basic malware claims and the industry is now realizing that it's less prepared to deal with