NORWALK, Conn., January 20, 2022 — Datto Holding Corp. (Datto) (NYSE:MSP), the leading global provider of cloud-based software and security solutions purpose-built for Managed Service Providers (MSPs), today announced that it has acquired threat detection and response company Infocyte, extending Datto’s security capabilities that protect, detect, and respond to cyberthreats found within endpoints and cloud environments. Based in Austin, Texas, Infocyte is an innovator in Endpoint Detection and Response (EDR) technologies and Managed Detection and Response (MDR) services. Founded by threat inte ..read more

Running a successful EDR platform and MDR service is never-ending pursuit to stay one step ahead of hackers. As threat actors find creative ways to attempt to circumvent our customers defenses, we are constantly innovating to ensure we can detect and respond to security incidents quickly. Our founders Chris Gerritz and Russ Morris joined me (Kelly Giles, Marketing Director, nice to meet you) in this interview to answer some of my questions about exactly how they manage to continuously sniff out ransomware attacks. The Early Years: Before Starting a Managed Detection and Response Company Kelly ..read more

This post was last updated on January 19th, 2022 at 02:26 pm As a follow up to our other blog post related to CVE-2021-44228, the Remote Code Execution (RCE) vulnerability affecting Apache Log4j, we wanted to go into analysis of a log4shells attack. Who is vulnerable? Basically, this vulnerability affects any apache web server using vulnerable versions (2.11.0 – 2.14.1) of the log4j logger. The list of products that use this is extensive. Assume if the product or service listens on HTTP/HTTPS listener, it might be using Apache. What are the two ways to find vulnerable systems? As the situation ..read more

Cybersecurity is a topic that keeps many business executives, managers, and IT directors up at night, and with good reason. The average cost of a breach in 2021 is estimated at $4.24 million! As information technology grows in sophistication, so do cyber threats. This week, for example, the Apache Log4j vulnerability has sent security teams into a frenzy. As you likely know by now, antivirus protection alone is not enough to avoid a data breach. But, choosing between different detection and response solutions can be overwhelming. Keep reading to learn if MDR services or EDR is a better fit for ..read more

This post was last updated on December 22nd, 2021 at 01:32 pm You’ve likely heard that a major vulnerability in Apache Log4j was recently disclosed. Our team has been working around the clock to empower our customers to scan their systems for exploits and keep you updated as the situation develops. For more information, please see our Log4j Vulnerability article.  The Infocyte platform itself does not make use of the affected library, so currently no related vulnerabilities exist within our software. Apache Log4j is a popular Java logging library which our product does not use.  We w ..read more

This post was last updated on January 19th, 2022 at 02:25 pm UPDATED: 12/22 – Added new detection logic to mitigate common obfuscation tactics. De-emphasized mitigation procedures which no longer help. If you are reading this than I assume you have already heard about CVE-2021-44228, the Remote Code Execution (RCE) vulnerability affecting Apache Log4j, the Java logging library much of the internet uses on their web servers. While many blogs and comments have posted methods to determine if your web servers / websites are vulnerable, there is limited info on how to easily detect if your web serv ..read more

This post was last updated on December 9th, 2021 at 11:14 am Large organizations and middle-sized businesses dread the ransomware plague as it can paralyze day-to-day operations and expose confidential information to the public. Most organizations have taken some steps toward protecting their business through ransomware detection and protection, but is it enough?  The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) prepared a comprehensive guide for all business owners to help them arm their businesses against ..read more

Cyberattacks are at an all-time high. Ransomware is all over the news, and killware is the next big fear. Hackers are growing more competent at detecting gaps and loopholes in corporate security systems. They can obtain access to secured files and data as technology advances, creating a serious cybersecurity concern. Cybercriminals target organizations with some type of value they can extort. They might pursue those with highly confidential data. Recently, though, mid-sized businesses have also become a top target because they have money to pay a ransom and are unlikely to have the security m ..read more

Microsoft 365 hails as the lifeblood of most American (and global) small-medium sized enterprises. Since the wake of the Covid-19 pandemic, cybercriminals and hackers have seemed to up their illegal game by targeting more organizations than ever witnessed before. This year alone, tens of thousands of organizations had the security of their Microsoft 365 systems compromised. These illegal players used various Microsoft Exchange vulnerabilities as a gateway to conduct unauthorized activities, including launching malware and ransomware attacks. The most affected businesses are those using on-prem ..read more

This post was last updated on November 19th, 2021 at 03:27 pm Here at Infocyte, we are helping our customers and partners respond to major attacks on almost a weekly basis. When I say attack, I don’t mean an antivirus notification about a bad file that a user inadvertently downloaded. The attacks I am talking about are full on hands-on-keyboard (what red teamers call “interactive”) access that has tunneled past all the network security controls and protections. While some of these attacks occur against organizations that have under-invested in security, last month we had what we would consider ..read more