CrossRealms

Crossrealms International, a premier legal and enterprise IT managed services and consulting company, announced a Joint Venture with Veristar, a premier legal services delivery firm. This Joint Venture will accelerate both firm’s offerings and solutions for corporate legal departments and law firms, creating a digital transformation of a full litigation IT services company with a consulting company, the first of its kind in the industry. The synergies between our companies both in service offerings and the caliber of the combined Crossrealms International and Veristar teams allows us to bring a breadth and depth of services to our corporate legal and law firm clients that does not currently exist” said Jeff Schwarz co-founder and Director of Crossrealms International. Uniquely positioned in the industry as both legal and enterprise industry IT services, CrossRealms International also partners with the industry’s leading vendors to equip organizations to better enable their clients’ present and future success.

Palo Alto Networks latest software update, known as PAN-OS 9.1, has officially changed the log format for VPN/GlobalProtect logs. Log Format ● GlobalProtect data is present in the pan:globalprotect sourcetype We’ve received this news from several Splunk users as they’re dismissing the VPN dashboards from the Remote Work Insights – Executive Dashboard app for Splunk because of it. As you can see from the screenshot below, it shows successful logins from Netherlands, which can’t be true for our Splunk environment, since we have a policy configured on Palo Alto to only allow connections from the United States and Mexico.

About Us Seven methods to protect your organization from ransomware Businesses of all sizes are becoming targets of ransomware campaigns at blazing speed as cybercriminals, with increasing sophistication, hack into computer systems and mobile devices with the goal of stealing and or locking out companies from their sensitive data to later demand a ransom for retrieval. The increase steadily continued as in 2019, 58% of organizations were affected by these attacks, with 2020 reporting a disturbing 62%.Fortunately, there is a variety of methods today’s businesses can use to safeguard themselves and their assets from ransomware attacks. Best practices for passwords include making sure they are complex and long, do not use the same password for multiple accounts, and be sure to change your passwords regularly. These seven methods are great building blocks for establishing a strong line of defense against ransomware, but as we’ve seen with the increasingly advanced capabilities of cybercriminals, it’s important to keep an eye on trends and make sure an organization is up to date on technology available that can help keep it safe.

We’ve recently added Sysmon 13 support to our Cyences App in order to detect some of the latest malware/ransomware techniques [Mailto/defray777 ransomware, TrickBot, and BazarBackdoor]. Sysmon 13 lets us monitor the activity of Windows 10 processes and can now detect process hollowing or process herpaderping techniques which would normally not be visible in Task Manager. Process hollowing is when malware launches a legitimate process in a suspended state and replaces legitimate code in the process with malicious code. Process herpaderping is where malware modifies its image on the disk to look like legitimate software after the malware is loaded. When security software scans the on-disk file, it will see a harmless file while the malicious code runs in memory.