Cookie Preference Centre

Your Privacy
Strictly Necessary Cookies
Performance Cookies
Functional Cookies
Targeting Cookies

Your Privacy

When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences, your device or used to make the site work as you expect it to. The information does not usually identify you directly, but it can give you a more personalized web experience. You can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, you should know that blocking some types of cookies may impact your experience on the site and the services we are able to offer.

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site may not work then.

Cookies used

ContactCenterWorld.com

Performance Cookies

These cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our site. They help us know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our site.

Cookies used

Google Analytics

Functional Cookies

These cookies allow the provision of enhance functionality and personalization, such as videos and live chats. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these functionalities may not function properly.

Cookies used

Twitter

Facebook

LinkedIn

Targeting Cookies

These cookies are set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant ads on other sites. They work by uniquely identifying your browser and device. If you do not allow these cookies, you will not experience our targeted advertising across different websites.

Cookies used

LinkedIn

This site uses cookies and other tracking technologies to assist with navigation and your ability to provide feedback, analyse your use of our products and services, assist with our promotional and marketing efforts, and provide content from third parties

OK
BECOME
A MEMBER
TODAY TO:
CLICK HERE
[HIDE]

Here are some suggested Connections for you! - Log in to start networking.

Industry Research : 91% of Critical Endpoint Security Events Leverage PowerShell to Cloak Detection When Targeting Midsized Businesses

#contactcenterworld, @eSentire, @mrb_pr

Opportunistic threat actors are leveraging trusted tools, like PowerShell, to retrieve and execute malicious code from remote sources. According to a new cyber threat report from eSentire, Inc., a pure-play Managed Detection and Response (MDR) provider, 91% of endpoint incidents detected in Q1 2018 involved known, legitimate binaries, such as PowerShell or mshta.exe. These processes are used by opportunistic and targeted threats alike, allowing them to circumvent basic controls to deliver and install malware.

"eSentire Threat Intelligence data shows heavy use of legitimate Microsoft binaries, such as PowerShell and mshta.exe, popular tools for downloading and executing malicious code in the initial stages of a malware infection," said Eldon Sprickerhoff, founder and chief security strategist, eSentire. "PowerShell can also be leveraged by adversaries to reduce their on-disk footprint and evade detective controls by operating in memory and obfuscating command-line parameters."

In late January 2018, an eSentire advanced threat analytics operation (powered by machine learning and coined "Blue Steel"), detected an adversary leveraging an unknown exploit in Kaseya’s Virtual System Administrator (VSA) product to deploy crypto miners across the infrastructure of a small number of eSentire customers. The attack broadly targeted the trusted system of MSPs and cloud platforms through Kaseya VSA endpoint agents for initial access to deliver malicious scripts. eSentire discovered the threat and notified Kaseya of the intrusions, resulting in multiple security fixes.


Sponsor message - content continues below this message

the 2023 '18th annual' Global Top Ranking Performer Awards NOW OPEN

Enter your Center, Strategy, Technology Innovation, Teams and Individuals into the ONLY TRULY GLOBAL awards program - regarded by many as being like the Olympics for the Contact Center World! Join the best from over 80 nations and compete for the most prestigious awards out there!

FIND OUT MORE HERE


Content continues ….

539% Increase in Consumer-Grade Router Attacks

The report also indicates a dramatic increase in attacks targeting popular consumer-grade routers, like Netgear and Linksys (both of whom own a significant share of the consumer network device market, at 51% and 26% respectively*), – eSentire saw a 539% increase from Q4 2017 to Q1 2018.

Trending in router exploitations was first observed in late 2017 when the Reaper Botnet gained media attention. Additionally, intrusion attempts across industries grew 36%, mostly due to DNS manipulation in consumer-grade routers. These manipulations allow attackers to redirect victims to malicious infrastructure to achieve a variety of results, including malware and phishing landing pages. Other exploits focused on consumer-grade routers.

"The increase in attacks against consumer network devices can be attributed to the perceived value in recruiting devices for attacks against businesses, as opposed to leveraging them as potential network entry-points," said Sprickerhoff.

Additional Report Findings:

  • Phishing rose 39% across industries, with DocuSign, Office 365, and OneDrive as the most popular lures. Office 365 showed the highest success rate and popularity, growing 5x over 2017 despite DocuSign being the most popular lure used.

  • Education, retail, biotechnology, construction, and non-profit organizations saw the greatest rise in exploit attempts due to a high degree of consumer-grade router exploit attempts, brute forcing, and web server exploit attempts.

  • Most brute force attacks originated from infrastructure based in China, followed by the United States, Germany, and Russia.

  • Malicious code (+35%) and phishing (+39%) saw increases in the first quarter of 2018 with malicious code incidents continuing to favor email as a delivery vector.

"While industry sentiment is focused on the ever-changing threat landscape, the data suggests that it’s the cybercriminal landscape that’s shifting. As we continue to see successful efforts in disrupting malicious infrastructure and comprehensive threat blocking, cybercriminals are forced to diversify their hacking methods. They’re pivoting to use new methods for sustaining infrastructure," said Sprickerhoff. "Technology is changing rapidly, and as it does, attackers are shifting their techniques to match. The increase in router-based attacks is a prime example."

Methodology

The eSentire Threat Intelligence team used data gathered from 1,500+ proprietary network and host-based detection sensors distributed globally across multiple industries. Raw data was normalized and aggregated using automated machine-based processing methods. Processed data was reviewed by a visual data analyst applying quantitative analysis methods. Quantitative intelligence analysis results were further processed by a qualitative intelligence analyst resulting in a written analytical product.

eSentire’s 2018 Q1 Threat Report provides a quarterly snapshot, analyzing all cyber threat events investigated by the eSentire Security Operations Center (SOC), while addressing three key areas: threat types, threat volume, and attack types. Each topic is divided into multiple sections, including visual data analysis, written analytical analysis, practical recommendations, and key assumptions. The report concludes with takeaways and recommended actions that organizations can take to protect their business networks from compromise, including protecting against vulnerability exploit and router compromise, revisiting organizational awareness training programs to protect against phishing, and protecting against opportunistic threat like PowerShell-based attacks.

#contactcenterworld, @eSentire, @mrb_pr


About eSentire, Inc.:
Company LogoeSentire® keeps mid-size organizations safe from constantly evolving cyber attacks that traditional security defenses simply can’t detect. eSentire combines people, process and technology to deliver an unmatched, premium level service that detects, remediates and communicates sophisticated cyber threats in real-time, 24/7.
Company RSS Feed   Company Twitter   Company YouTube   Company LinkedIn   Company Profile Page

About MRB PR:
Company LogoMRB PR is a public relations company.
Company RSS Feed   Company Facebook   Company Twitter   Company LinkedIn   Company Profile Page

Today's Tip of the Day - Disability Laws

Read today's tip or listen to it on podcast.

Published: Thursday, June 28, 2018

Printer Friendly Version Printer friendly version

2023 Buyers Guide Business Continuity

 
1.) 
Eckoh

CallGuard Remote
A flexible way to take secure, PCI DSS compliant payments from home or remote locations. It’s quick to deploy needs no changes to processes or systems.

CallGuard Remote prevents agents from seeing, hearing or recording card details so, the agent, their screen, and any call recordings are removed from the scope of PCI DSS.

This simple approach means the customer effectively types their own payment information into the agent’s payment screen, but with the card details being shielded from the agent’s view. It’s simple, and highly effective.

2.) 
OpsTel Services

SPEED & PLUS
The SPEED solution solves for service level issues while cost optimizing the environment with automation.

Provides an enhanced way to speed up & optimize invoking temporary agent skills configuration changes into the contact center environment.

Speed allows you to schedule both future changes & temporary changes that auto-revert back to the original state when scheduled time expires.

Speed features:

*Automated / Scheduled Temporary Agent Skills Configuration Management
*Immediate Temporary or Reoccurring Schedule Skills Configuration Changes
*Easy to Use/Operations Administration Focused
*Descriptive Monitoring Activity Dashboard
*Detailed “End to End’ Audit Trail and Perfor...
(read more)

3.) 
Vads

VADS Business Continuity Plan
VADS provides a business continuity plan by providing full outsource services and manage services. we've provided this to several clients. You can contact us for a detailed study case.

4.) 
Teckinfo Solutions Pvt. Ltd.

InterDialog UCCS
Adapting to the new normal contact center industry has to be ready for work from anywhere agents to maintain business continuity. Even when working from remote locations, the work from home agents or remote agents need to be monitored for smooth customer service operations or effective tele sales.

InterDialog UCCS with its work from home agent ready call center software helps you to have complete control over your contact center operations. Agents can log in from any where , home, office or any other place where they are through their mobile phone or desktop , or even through our ID mobile app . With centralized recording & reporting , you gain visibility of all contact center metrics , and you can manage your center the same way as you were doing when working from office.
 

About us - in 60 seconds!

Submit Event

Upcoming Events

Europe's leading call & contact center event is now arriving at the U.S., showcasing the latest and most effective technologies, strategies and advancements to industry professionals who are looking to excel in the customer engagement world!

Disco... Read More...
 404 

Newsletter Registration

Please check to agree to be placed on the eNewsletter mailing list.

Latest Americas Newsletter
both ids empty
session userid =
session UserTempID =
session adminlevel =
session blnTempHelpChatShow =
CMS =
session cookie set = True
session page-view-total = 1
session page-view-total = 1
applicaiton blnAwardsClosed =
session blnCompletedAwardInterestPopup =
session blnCheckNewsletterInterestPopup =
session blnCompletedNewsletterInterestPopup =