Robert Kehl’s Post

🔊 Saying it louder for the folks in the back... Enable VMware Lockdown Mode!! Do not get caught off guard with having SSH exposed, especially if there is a lack of network segmentation. I (very) recently responded to a large client where entire clusters of ESXi were encrypted, and their organization was crippled. Luckily, Sygnia was there to assist with the investigation, recovery efforts, and robust hardening. 🔒 ESXi Ransomware Attacks: Evolution, Impact, and Defense Mechanisms In recent years, Sygnia’s #IncidentResponse team has repeatedly encountered #ransomware attacks targeting virtualized environments, particularly against VMware ESXi infrastructure. TL;DR: Ransomware attacks on virtualized environments are on the rise. This blog post covers the evolution, impact, and defense mechanisms to protect your ESXi infrastructure. Stay resilient against these growing threats with actionable strategies and tactics. Contributors: Nital Ruzin , Omer Kidron (Excellent work!) #CyberSecurity #VMware #ESXi #Ransomware #IncidentResponse #Virtualization #CyberThreats #DigitalResilience #Security #Sygnia #networksecurity #informationsecurity #infosec #cyber #cybercrime #cybersecurityawareness #securityleadership 🔐

🚨 Exciting News! 🚨 Sygnia has been recognized once again as a Representative Vendor, in the 2024 Gartner® Market Guide for Digital Forensics and Incident Response (DFIR) Retainer Services.     We've seen first-hand that when confronted with a breach, you need the best team on your side. With Sygnia's Incident Response Retainer (IRR), you’ll benefit from the full capabilities of our Incident Response team immediately.  Download a complimentary copy of the Market Guide. https://lnkd.in/g-DiQyBE #IncidentResponse #Ransomware #IncidentResponseRetainer #CyberSecurity #DFIR #Gartner #Sygnia #CyberDefense #ThreatIntelligence #InfoSec #DataBreach #CyberAttack #SecurityAwareness

Last month, after wrapping up a successful on-site engagement with a client, I finally had the chance to visit the Statue of Liberty for the first time. It took me 36 years to get here, and it was worth the wait! Thanks to Sygnia for making this moment possible as it likely would have taken longer without this role. #Cybersecurity #ConsultingLife #Travel #WorkLifeBalance #Sygnia #NYC #StatueOfLiberty #ProfessionalGrowth

🚀 Join Our Team as a Cyber Security Consultant at Sygnia! 🚀 Are you a seasoned cybersecurity professional ready for your next challenge? Sygnia is looking for experts like you to join our dynamic team. At Sygnia, we combine combat-proven expertise and innovative solutions to build cyber resilience and stay secure against evolving threats. 🌐 About the Role: Location: Remote (USA) with occasional travel. Primary Focus: Conduct Cybersecurity Posture Assessments, evaluating security strategies, identifying gaps, and providing recommendations to enhance security posture, resilience, resource optimization, and ROI. Additional Duties: Occasionally support our Incident Response teams. 💼 Key Responsibilities: Evaluate Security Posture: Assess configurations and strategies, identifying gaps. Interactive Discussions: Lead discussions on network security, cloud security, IAM, and more. Consult and Advise: Develop cybersecurity plans, design architectures, and guide clients on creating and prioritizing security roadmaps aligned with business goals. Configuration Review: Review client technologies and configurations to validate findings. We are not auditors; we collaborate to improve security posture. Collaborate with Internal Teams: Work with our adversarial tactics team to simulate attack scenarios and validate findings. Deliver Expertise: Create deliverables and present results to clients, addressing specific cyber risks. 🔧 Technical Capabilities: SIEM and EDR Solutions: Experience with SIEM and EDR solutions. Server and Workstation Administration: Experience managing and securing servers and workstations. Email Security: Expertise in securing email systems. Network Security: Understanding of network security principles. Cloud Security: Familiarity with cloud security practices. IAM: Knowledge of IAM solutions, including Active Directory and MFA. Application Security: Experience with Burp Suite, SSDLC, CI/CD, and SAST/DAST. Adversarial Mindset: Familiarity with attack patterns is a plus. 🌟 What We Offer: Engage with Leadership: Work directly with senior executives, CISOs, CIOs, engineers, analysts, and business stakeholders. Your insights will be highly valued. Dynamic Environment: Each client brings unique perspectives, environments, and challenges. Excellent Compensation and industry standard benefits. 💬 Interested? Reach out to me directly with any questions. Check out the full job description: https://lnkd.in/gctcRMXb Let’s innovate and protect together! 🌐🔒 #CyberSecurity #Hiring #RemoteWork #TechJobs #JoinUs #SecurityConsulting #InfoSecJobs #CyberJobs #ApplicationSecurity #NetworkSecurity #CloudSecurity #IAM #CyberResilience #IncidentResponse

Just a friendly reminder than in this cybersecurity market, experience reigns supreme. While degrees and certifications are valuable, companies ultimately seek individuals who can deliver results. #Cybersecurity #ExperienceIsKey

In late 2023, Sygnia responded to a #cyberattack targeting a large organization. ▶ During the investigation, Sygnia determined that the #threatactor exhibited behaviors like those of a #Chinanexus threat actor. ▶This threat actor, which Sygnia tracks as Velvet Ant, had infiltrated the organization’s network at least two years prior to the investigation, and had succeeded in gaining a strong foothold, and intimate knowledge of the network. ▶Despite Sygnia’s diligent efforts to remediate compromised systems and enhance visibility into hosts and network devices, the threat actor resurfaced time and again through the use of dormant persistence mechanisms in unmonitored systems. ▶This blog describes the usage of one of those mechanisms, which included leveraging legacy servers and unpatched network appliances. #CyberSecurity, #ThreatIntelligence, #NetworkSecurity, #CyberAttack, #ThreatActors, #PersistenceMechanisms, #LegacySystems, #IncidentResponse, #APT, #CyberDefense, #VulnerabilityManagement, #AdvancedThreats

Exciting and industry disrupting news! Sygnia, in collaboration with NVIDIA AI , is deploying #AI and #hardware-accelerated security at the #edge to enhance detection and response for the #energy, #criticalinfrastructure, and #industrial sectors.   Download our webinar replay to learn more about Velocity Edge, the new AI-powered managed #XDR solution that allows you to achieve true enterprise-wide detection and response across the industrial digital estate. Let's say that there are some updates to make to the Purdue Model ;) | Check it out! Download here: https://bit.ly/3JLlD3C #Sygnia, #NVIDIA, #hardwareaccelerated, #security, #detection, #response, #webinar, #VelocityEdge, #XDR, #enterprisedetection, #PurdueModel, #OTsecurity, #OperationalTechnology

Something fun for the weekend, unless you have Checkpoint VPN. If that is you, apologies! #ZeroDay, #FireWall, #SecurityBreach, #CyberThreats, #Hackers, #CyberSecurity, #ITSecurity, #InfoSec, #DataProtection, #TechHumor, #NetworkSecurity