Incident Response
![](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fo2pgk9gufvga%2F1glx2tSk38wuBT4ft5ZbBk%2F163fc2cd38904a69fbe221123a8d425b%2FCoalition_MDR_Blog_-5_Header__Option_A_.png&w=3840&q=75)
Blog
The Mission of a Strategic Cyber Pro
A strategic cyber pro must achieve an appropriate risk posture, plan ahead to minimize damage, and find creative ways to drive business value.
![](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fo2pgk9gufvga%2F1L83sFlkY7IfOpVqKqrklm%2F8839bb5d3336c3d8885c93d35e2aab51%2FCoalition_MDR_Blog_-4_Header__Option_B_.png&w=3840&q=75)
Blog
How MDR Elevates the Role of In-house Security and IT Teams
A managed detection and response (MDR) service is like having your own security operations center but at a more manageable cost.
![](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fo2pgk9gufvga%2F23Rrls3Gd4VHn0g7ycJo0h%2Fb1fa118e2ee7a2a60232cd72e427a95a%2FCoalition_MDR_Blog_-1_Header.png&w=3840&q=75)
Blog
Cybersecurity Burnout Is Crushing Your Effectiveness
When security professionals are drowning in alerts or not getting them at all, the truly harmful cyber threats can slip through the cracks.
![](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fo2pgk9gufvga%2F276RMh52vEEBfRj1WDwH6l%2F512511c420b4dd874e1ae78c8edb927a%2FBlog-Newsletter-Header-June.jpg&w=3840&q=75)
Blog
Familiar Threat Actor Attack Tactics Find New Life
Changes in technology are prompting threat actors to revive old attack methods that may seem ordinary on the surface but still lead to cyber insurance claims.
![](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fo2pgk9gufvga%2F5wHDfACJaihbx5nGusAE2q%2F30012857bb63b92785d5580c1412da5e%2FSecurity-Labs-SEOPoisoning.jpg&w=3840&q=75)
Blog
SEO Poisoning Attacks Demand More Scrutiny from Search Engine Users
Threat actors are capitalizing on the trust we put in search engines by hiding malicious websites in plain sight using a tactic known as SEO poisoning.
![](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fo2pgk9gufvga%2F4TnBj3IW4IORoIe9xWEaR7%2F9be323701fd2559cfc662a510495ccbd%2FSecurity-Labs-SIM-Swapping_Extortion.jpg&w=3840&q=75)
Blog
Threat Actor Claims 100% Success With SIM-Swapping Extortion
SIM-swapping extortion attacks are on the rise due to self-service password resets, which help threat actors bypass interaction with their victims.
![](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fo2pgk9gufvga%2F24cYVhiQ9MfoTiPrJ2QWQW%2Fe256ca488d0d6afa31fa652c458a5412%2FBlog_Not_All_Endpoint_Security_Solutions_Are_Created_Equal.jpg&w=3840&q=75)
Blog
Not All Endpoint Security Solutions Are Created Equal
As more businesses adopt endpoint security solutions, a clear disconnect has emerged between how they’re marketed and how they truly function.
![](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fo2pgk9gufvga%2F2q0NLVHJ4byIG3tqWezuQi%2F8751734c3bc316ac91e2a87076cf430a%2FBlog_Timely-Reporting.png&w=3840&q=75)
Blog
Timely Reporting Can Be the Deciding Factor in Cyber Insurance
The cyber insurance industry must work to normalize the reporting of suspicious activity and encourage businesses to use the resources at their disposal.
![](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fo2pgk9gufvga%2F7ufiTsITFka0PfBzv7OA7r%2F49e21a605f35dfec97ac3108c81c06f1%2FUK_FTF_Blog.jpg&w=3840&q=75)
Blog
Lifting the Lid on Cybercrime: Funds Transfer Fraud
Mark Bird talks UK cybercrime, how the landscape has changed, where Funds Transfer Fraud attacks originate and how to protect against them.
![](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fo2pgk9gufvga%2F3Bra2ENCNKJXa7pEfMhqqh%2F783981a306fce81c65bf34859510a582%2FBlog_april-newsletter__1_.png&w=3840&q=75)
Blog
The Double-Edged Sword of Using Boundary Devices
Boundary devices can help mitigate cyber threats and enable secure remote access. However, these technologies are often directly targeted in cyber attacks.
![](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fo2pgk9gufvga%2F3M0bsgMw6yBymSKCJqPDvu%2Fe01f07384817b68db54aed7f2b61362e%2FCoalition_Blog-Ready_to_Report.jpg&w=3840&q=75)
Blog
Cyber Incident Reporting: Important Questions to Ask for Essential Business Planning
Cyber incident reporting obligations can be complex. Businesses must consider how they will meet the requirements before an incident to expedite the process.
![](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fo2pgk9gufvga%2F60AxWV6Y0etLTLatdVBKYz%2Faa4c2a43501e579c29dd05cb4cbfadcd%2FLockBit_ConnectWise_ScreenConnect.png&w=3840&q=75)
Blog
LockBit Ransomware Used in Exploitation of ConnectWise ScreenConnect
Coalition Incident Response has discovered a link between the LockBit ransomware gang and the ConnectWise ScreenConnect vulnerabilities.
![](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fo2pgk9gufvga%2F7DJ9OCR1ge6Zpw8d5JDUnO%2F9903b86927e98b6aaa725211e75378b3%2FBlog_Cyber-Tax-Fraud.png&w=3840&q=75)
Blog
Common Cyber Tax Fraud Schemes (and How to Help Mitigate Them)
During tax season, businesses tend to unknowingly lower their defenses to attackers — and almost all cyber tax fraud starts with a phishing email.
![](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fo2pgk9gufvga%2F28oI7DIG04euRoYt3j0ZlP%2Fc3cf70f3e5d10533b2cc8e5cfaf73b45%2FBlog_MDR-MFA.png&w=3840&q=75)
Blog
Why MDR is the Next MFA for Cyber Insurance
Cyber insurance providers are increasingly encouraging businesses to implement MDR — if not incentivizing it — just as they did with MFA.
![](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fo2pgk9gufvga%2F3thnbLPfhIsoVPH5uFuQIe%2Fbb97a89f49b374f34aec31a57f3fb223%2FIvanti_Security_Alert_Security-Labs__1_.png&w=3840&q=75)