Léargas has always been about providing “Insight”. Now, it fights for the world!

Global events such as the Coronavirus (COVID-19) make all of us targets for cybercriminals. Whether in the form of phishing emails or new targeted scams, these tactics are meant to take advantage of individuals who are understandably concerned about their health and the safety of their families during this challenging time.

Additionally, these tactics target companies that have effectively turned their infrastructure “inside-out” to provide all of the necessary services and data for their now-remote workers to perform at their best. That means weakened firewall rules, mission-critical servers connected to the Internet, and no multi-factor authentication.

This pandemic is challenging for all of us. We all need to adapt to this new reality and look out for one another any way we can. Our mission with Léargas has always been to protect people against threats at the intersection of cyber and the physical world, and this disaster has provided us with the motivation to find new ways to help.

As with any new endeavor, knowledge is key, so we began ingesting atomic indicators around COVID-19/Coronavirus and converting them into an actionable data set for the mitigation of COVID-related digital threats.

Immediately, we found an increase in malicious activity using COVID-19 as a lure to commit cybercrimes by offering urgent information in phishing emails, selling fake “vaccines” and numerous other scams. (Example is shown above)

We remain committed to keeping our clients safe during this pandemic. To that end, we have created a package of detections related to COVID-19-based attacks, which covers known threat actors, attack methodologies, and how they’re exploiting COVID-19. If you are a Managed Services Partner or have a subscription to Léargas, there is nothing you need to do. The package has been deployed and you will receive pertinent alerts as necessary.

Should you not be a subscriber, please reach out to us for more information on gaining access to these preventative measures.

Lastly, we want to provide some additional recommendations:

Recommendations for Our Clients:

  • Security always starts with the basics. If you aren’t using Léargas, make sure your systems are patched and IDS/IPS signatures and associated files are up to date. Attackers rely heavily on unpatched and out-of-date network configurations.
  • Keep applications and operating systems running at the current released patch level. If you aren’t sure how to do this, reach out. One of our engineers will share some helpful information to assist you.
  • Leverage Multi-Factor Authentication! We see more companies breached each day due to the lack of multi-factor authentication than any other attack strategy. With hundreds of data breaches a year, we don’t expect this to decline.

Regrettably, in times like these when so many of us are coming together, there are still a few that will try to tear us apart. Be Aware, keep alert, stay strong, stay together, but stay 6 feet apart, for now.

-PK

MDR: Managed Detection and Response – What you should know!

Legacy Security Information and Event Management (SIEM) is typically the solution for enterprises who need visibility into cyber threats across distributed IT infrastructure, essential to meeting regulatory compliance. However, SIEM solutions are cost-intensive, complex to properly configure, and cumbersome to maintain.

That’s why many companies are now migrating to managed security service providers (MSSPs), such as Critical Path Security, who offer rapid deployment through affordable subscription models.

Managed Detection and Response (MDR) is a Critical Path Security managed security service that detects intrusions, malware, and malicious activity in your network and assists in responding quickly to eliminate and mitigate those threats.

Critical Path Security MDR services have a very light footprint on your network and use a combination of cybersecurity experts and advanced technology to eliminate false positives, identify real security threats, and develop actionable responses in real time.

While the average time across industries to detect a compromise is over 200 days, Critical Path Security’s service regularly reduces that to moments and therefore minimizes the impact of a security event.

Critical Path Security MDR is a necessity for organizations that have a regulatory requirement to provide effective detection and response. Critical Path Security specializes in the delivery of these services to financial services, government, military subcontractors, retail, and energy.

Typically, these organizations struggle to recruit and retain in-demand security professionals. Unfortunately, these organizations are high-value targets for criminals, making an effective response that much more critical.

The Critical Path Security service provides:

  • Security experts who act as direct extensions of the organization
  • 24/7 monitoring of events/logs, suspicious activity, and alerts
  • Continuous multi-dimensional, multi-contextual network monitoring
  • Incident Response Recommendations
  • Ongoing Vulnerability Assessments
  • Regulatory compliance reporting

Providing better visibility for Managed IT Providers, Léargas now provides full integration with SentinelOne!

As the needs of endpoint protection continue to evolve and reliance on Managed IT Providers increases, Léargas Security felt an obligation to build in full integration and support of the SentinelOne Autonomous Endpoint Protection Platform.

As you’ve come to expect from the Léargas Platform, all data consumed from the SentinelOne product is fully correlated with all network traffic flows (from the MAC address to browser traffic) and external enrichment sources.

Léargas Security and its strategic partners will support this lightweight, high-performance platform for PC, Mac, Linux, and VDI, providing security in real time on the device, fully autonomously.

Additionally, SentinelOne offers a ransomware warranty, which provides greater assurance that we’ve got you covered.

Don’t settle for trying to cobble together disparate tools that leave you with blind spots. You deserve better.

NBC/11Alive News interviews Patrick Kelley regarding El Paso

“I’m worried that someone who read that manifesto might come to the church Sunday morning and find the quickest way to get to the stage,” Patrick Kelley, the CEO of Léargas Security, said.

“We just felt like we had to,” Kelley said. “We are afraid to go to church. We are afraid to go to the grocery store. We are afraid to drop our kids off at school. And if we have some – any – way that we can make a change, we have to.”

That’s why he started “Léargas” with his business partners in November – to try and find those threats before they strike.

“This is one of those situations where you look around the world and say, ‘it’s terrifying. We have to do something’,” he said.

That’s why he and his group created the program that monitors sites like 8Chan, where the El Paso shooter posted the manifesto attributed to him. The idea is to get the information shooters post online to police before they have a chance to act.