Blog Posts

Featured posts from our MOXFIVE Technical Advisors with thoughts and stories to help minimize the business impact of cyber attacks.

1
Dec
8 Mitigation Options to Help Reduce the Impact of a Ransomware Incident

In this blog, we look at 8 examples of best practices that can be implemented to provide for a more resilient architecture.

5
Oct
Introducing the MOXFIVE Insights Report!

Our inaugural edition provides context around themes that impacted cybersecurity risk during the first half of 2022. Derived from providing forensics, recovery and resilience services through our platform, our goal is to provide a deeper understanding of the current cyber threat landscape and help organizations make better, more informed decisions.

28
Sep
Ransomware Recovery Tales: A Tale of Two Clients

When responding to a ransomware incident, making the right decisions is critical and can make the difference between an easier path or a harder one. In this blog, we tell the tales of two clients and lessons learned so you can avoid the hard path.

31
Aug
Ransomware and the Importance of Selecting the Right Digital Forensics Provider

Picking a forensics provider is one of the first critical decisions you have to make when faced with a cyber incident. In this blog, we cover the capabilities to consider when evaluating a potential provider.

19
Jul
Playing Chess with the Adversary: Value in Security Controls

Security, like chess, relies on having a variety of strategies and tactics to use for countering your opponent. This blog offers a variety of options to consider when devising your own plans to outwit your adversaries.

13
Jul
Investigating Business Email Compromises

Business Email Compromises (BECs) continue to be one of the top attack vectors, costing organizations over $2.3 billion in 2021. In this blog, we share priorities and key methodologies for investigating these attacks.

28
Jun
Minimizing the Impact: Network Segmentation

Host-based microsegmentation offers a wide range of advantages over legacy counterparts, allowing organizations to apply segmentation at much deeper granularity, including host, user, or application levels.

22
Jun
Logging to Enable Forensics

Logs are critical sources for forensics investigations. This blog looks at various log sources and the key takeaways to consider when building the retention strategy that's best for your organization.

2
Jun
Incident Managers: Bringing Order to Chaos

Our MOXFIVE Incident Managers are critical to every project we manage at MOXFIVE. Learn more about their role and how they enable everyone in the process to focus on what they do best.

8
Apr
Minimizing the Impact: Securing Active Directory

Gaining access to Active Directory is often a goal of threat actors during an intrusion. In this blog, we look at two key workstreams that add security layers, making it more difficult for threat actors to achieve this goal.

31
Mar
The Continued Risk of Log4j

The worst of the Log4j fire drill might be behind us (for now), but the opportunity for new exploits still remains. Learn how a Software Bill of Materials (SBOM) and other best practices can help reduce future impacts and improve your overall security posture.

15
Mar
Improving Cybersecurity Resilience: Starting the Journey, Part 2

In Part 2 of our Improving Cybersecurity Resilience blogs, we cover five additional capabilities that round out the list of security basics that we believe all organizations should implement.

27
Jan
Minimizing the Impact: Multifactor Authentication

Credentials being stolen, reused, or even guessed often leads to an intrusion, or turns what could have been a small incident into an enterprise-wide issue. Multifactor Authentication (MFA) is a critical layer of protection to help minimize this risk.

14
Jan
Improving Cybersecurity Resilience: Starting the Journey, Part 1

MOXFIVE recommends these six capabilities as a starting point for improving resilience due to their outsize contribution to reducing risk and mitigating damage.

17
Dec
Regulations + Insurance: Shifting the Tide

Regulations abound and new ones are added all the time, but breaches still happen. Why? Because compliance frameworks are flawed and do not get into the technical weeds on effective implementation. There is an opportunity for the insurance industry to help drive things forward, especially for SMBs.

22
Nov
Minimizing the Impact: Local Administrator Password Solution

Enabling Local Administrator Password Solution (LAPS) can help greatly reduce the blast radius of a cyber-attack and is a quick and simple process for most environments.

21
Oct
Minimizing the Impact: How Cloud-Based Services Could Reduce the Stress of Recovery

Cloud-based services can not only help lift the burden of day-to-day IT and security tasks, but also provide a significant benefit when dealing with a ransomware attack.

14
Oct
Incident Management Chronicles: Striking The Right Balance

Finding the right balance between containment, recovery and forensics workstreams is the key to faster and more effective incident response.

30
Sep
Incident Management Chronicles: Recovery vs Forensics

The lines between forensics and recovery can easily blur during incident response. Using an approach that delivers both in parallel helps minimize business interruption and get organizations back online more quickly.

21
Sep
How to Mature Threat Hunting Programs

Building threat hunting skills within your team can help prevent burnout, up-level skills and give your team a broader understanding of your security environment.

2
Sep
Incident Management as a Platform: Scaling Incident Response

Learn how MOXFIVE's platform-based approach to incident management drives increased efficacy and quicker resolution of complex challenges while also reducing costs and making life easier for all parties involved.

25
Aug
Ransomware Payment Bans are Bad Policy

This year’s Colonial Pipeline breach turned a spotlight on the debate over whether or not cyber ransoms should be paid by victims of these attacks. This blog examines why we think payment bans are bad policy.

18
Aug
Open-source Security Spotlight: pfSense

Open-source software is used in a wide variety of projects, including the recent Mars helicopter, Ingenuity! In this blog, we take a look at the open-source network security solution, pfSense, and the many ways it can be used.

21
Jul
Visibility in Incident Response: Don’t Chase Ghosts in Your IT Estate

To effectively respond to a cybersecurity incident, having complete visibility into all assets (endpoint devices, applications, user accounts) across your IT estate is a critical success factor for recovering quickly and minimizing business disruption.

13
Jul
Dispatch from the Front Line

In July 2019 we posted our inaugural blog and introduced our idea of how a Technical Advisor could help companies better manage the incident response process. Two years (and hundreds of incidents) later, we've learned many lessons that help our clients recover quickly and effectively.

22
Jun
Tabletops Improve Incident Response

Tabletops can help improve organizational awareness and streamline Incident Response efforts. Learn how they can help mature your security posture and develop your teams' skills.

13
May
Maximizing Red/Blue Team Effectiveness

Fusing the efforts of your red and blue teams by implementing a purple team approach enables analysts to cross-train, collaborate, and respond more effectively during an incident.

27
Apr
Recover, Then Upgrade - One Problem at a Time

Four questions to ask if you're considering adding an upgrade to an in-progress recovery effort.

24
Mar
Common Misconceptions of Business Recovery

Recovering from a cyber incident is a complicated and challenging process. Read our top 6 factors that can help determine whether the recovery process runs smoothly... or not.

18
Mar
When it Comes to Cybersecurity, Money Talks

Changes in the cyber insurance industry are driving a change in how organizations are investing in security.

MOXFIVE, CrowdStrike, and Baker Tilly outline three use cases where our intelligence-led process helped clients recover with speed and precision.

HOW WE CAN HELP

Our mission is to minimize the business impact of cyber attacks. 

Incident Management

MOXFIVE provides the clarity and peace of mind needed for attack victims during the incident response process. Our platform approach enables victims of attacks to work with a Technical Advisor who provides the expertise and guidance needed in a time of crisis, and facilitates the delivery of all technical needs required, consistently and efficiently.

Business Resilience

With experience on the front lines responding to incidents daily, MOXFIVE Technical Advisors have the unique ability to connect the dots between business, information technology, and security objectives to help you quickly identify the gaps and build a more resilient environment.
