SOC Catch of the Day

We review billions of logs daily to keep you safe from advanced threats.


Phony Performance Warning Foiled

The Network: Our customer is a well-known law firm with more than 350 lawyers practicing across the globe who counsel multinational corporations, privately held and family-owned businesses, individual and institutional investors, educational and research institutions, and other clients in a broad range of legal disciplines.

The Expectation: The primary user is not an IT professional and therefore must be kept safe against malware that is prevalent today. Endpoints are carefully maintained with patching and a brand name anti-virus program. However, end users may make poor decisions, and cyber attackers will exploit every possible vector, so monitoring is needed. Netsurion's Managed Threat Protection enables the global law firm to protect sensitive client data from insider threats as well as external hackers.

The Catch: Netsurion’s SOC (Security Operations Center) team observed an undesirable process executing on the customer’s workstation. It was permitted to do so by the brand name anti-virus software. The executable was digitally signed with a certificate from Symantec.

The Find: The undesirable program masquerades as Advanced PC Care and displays misleading information about the computer's performance. It then asks the end user to pay to fix the issues.

The Fix: Netsurion’s SOC promptly alerted the administrator to uninstall this program and properly scan the target. The program was bundled with a malicious YouTube installer that the end user had not noticed.

The Lesson: User training is critical, but the best of us can succumb given the sheer volume of malware that we face every day. Administrators must trust but verify user actions. Your security analysts will be proactively notified by Netsurion’s SOC when high-risk incidents occur, so that appropriate action occurs quickly to minimize dwell time.


Copyright © 2022 Netsurion. All rights reserved.