Blog

By Eric Corcoran, Posted in Technology Week in Review

Monday 8/18 Speed kills: AI coding tools revive old-school hacks (ReversingLabs) The adoption of AI coding tools has exploded in recent years with their promise of speeding development and automating time-consuming manual tasks such as code audits. But the tools bypass a wide range of accepted security standards — and introduce serious risks for development teams, the researchers warned.  https://www.reversinglabs.com/blog/ai-coding-tools-old-school-hacks DataOps: Optimizing the Data Experien... read more.

  • August 22, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation CIS Safeguard 5.6: Centralize Account Management In Thor: Ragnarok, there’s a memorable and comical scene where Thor is trying to escape Sakaar aboard a QuinJet. Thor starts the QuinJet with the panel green. QUINJET (V.O.): Voice verification required. THOR: Thor. QUINJET (V.O.): Access denied. THOR: Thor, son of Odin. QUINJET (V.O.): Access denied. THOR: God of Thunder. QUINJET (V.O.): Ac... read more.

  • August 19, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 8/11 From Cloud to Hybrid: 360° Runtime Protection, Anywhere You Run (Wiz) Securing hybrid infrastructure requires more than just extending existing tools. It demands a new approach that connects workload insights with broader infrastructure context, all in real-time. https://www.wiz.io/blog/from-cloud-to-hybrid-360deg-runtime-protection-anywhere-you-run How to Prevent Helpdesk Social Engineering Attacks (HYPR) Helpdesks are critical support hubs, but their central role makes them prime targ... read more.

  • August 15, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation Mission: Impossible and the Mystery of Service Accounts — Why You Need an Inventory In Mission: Impossible, Ethan Hunt and his team rely on stealth, precision, and insider knowledge to infiltrate secure systems and extract sensitive data. But imagine if the IMF (Impossible Mission Force) didn’t know who had access to what. Chaos, right? That’s exactly what happens in many organizations wh... read more.

  • August 13, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 8/4 How to mitigate AI-powered social engineering attacks (Delinea) AI can convincingly simulate identities across multiple channels and formats, making AI-powered social engineering attacks more convincing and likely to fool even the savviest, most security-conscious employees. Additionally, AI can execute attacks at scale, learn from its successes, and continually become smarter and stealthier. https://delinea.com/blog/how-to-mitigate-ai-powered-social-engineering-attacks Exploiting Direct Send... read more.

  • August 08, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 7/28 Redefining DNS Protection (Palo Alto Networks) Advanced DNS Resolver (ADNSR) is purpose-built for this modern reality, delivering intelligent threat prevention with effortless deployment. As a cloud-delivered DNS resolution service, complete with 99.999% availability, ADNSR makes it easy to protect your entire organization, regardless of where your users or infrastructure reside. https://www.paloaltonetworks.com/blog/2025/07/redefining-dns-protection/ How the Enterprise Browser Neutralizes t... read more.

  • August 01, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation The Last of Us” and the Last Line of Defense: Why Remote Wipe Matters in Cybersecurity In HBO’s The Last of Us, society collapses after a fungal infection turns most of humanity into mindless, infected hosts. The few survivors cling to safety behind fortified walls, constantly on guard against threats that could breach their defenses. It’s a gripping metaphor for the modern cybersecurity l... read more.

  • July 29, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 7/14 XenServer: Powering your present, readying your future, and now available for all workloads (Citrix) XenServer is widening its support statement to embrace all types of workloads. This isn’t just a minor update; it’s a strategic move to address the very real challenges facing our customers today, offering a powerful, cost-effective, and versatile hypervisor for your entire virtualized infrastructure. https://www.citrix.com/blogs/2025/07/09/xenserver-now-available-for-all-workloads... read more.

  • July 25, 2025

By Ed Bratter, Posted in Infrastructure

Security of an Active Directory (AD) infrastructure can be significantly increased by deploying Active Directory Certificate Services (AD CS) and installing certificates on domain controllers (DC). AD CS plays a foundational role for enabling certificate-based security across a range of services in AD. Some notable security enhancements are as follows:  Securing AD communication between domain joined machines. Allow for securing LDAP traffic, which by default is not encrypted. This means that cre... read more.

  • July 22, 2025

By Timothy Karl, Posted in Infrastructure

Microsoft has officially set the end-of-life date for both Exchange Server 2016 and Exchange Server 2019: October 14, 2025. That might sound like a long way off, but in IT terms, it’s right around the corner, especially if your organization still relies on Exchange for SMTP relay, hybrid identity, or legacy app integration. Here’s what’s changing and how to prepare. What’s Replacing Exchange 2016 and 2019? Instead of releasing a new standalone version of Exchange, Microsoft is mov... read more.

  • July 22, 2025