07/27/2021
5 min read
Malware Analysis - Infinity Gauntlet
By: Stuart Gonzalez
We, the ConnectWise CRU, wanted to join in on the [fun/chaos] of the malware variant naming circus. We have ironically dubbed the variant found as Infinity Gauntlet due to the colorful naming various researchers have given this malware. That said, Solarmarker is probably the most appropriate name for this malware in general. We’ll find out why later on in the review of its code.

Cybersecurity
07/03/2021
4 min read
RMM Buffalo Jumping – Independence Day Remix
By: Stuart Gonzalez
Today’s cybersecurity landscape is complex and yet simple at the same time. Vendors, partners, end users – we are all in this together, and the goal is to protect the larger community from bad actors. ConnectWise shares many mutual partners with other vendors in our space, and we do not want to see any vendor compromised. With that, it is important to understand what has happened in the past 36+ hours and what that means to the community. Here is our take.

Cybersecurity
05/05/2021
2 min read
Galaxy Ransomware begins affiliate program
By: Stuart Gonzalez
“This software is targeted for business networks attacks. Any customization can be applied on need based on the situation and environment.” The intended victims are businesses but in their FAQ the operator mentions “we have a residential ransomware for non-business mass distribution.” The operator does not go into any additional details about the difference, so I can only assume it’s the same code but with different or limited features.

Cybersecurity
04/13/2021
2 min read
Marketo Auction Leak Site
By: Stuart Gonzalez
We’re actively monitoring and reporting on any possible new leak sites for compromised individuals and corporations.

Cybersecurity