Blog

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/22 The Evolving Landscape of Distributed Application Security: Beyond Network Firewalls (F5) With the dispersion of application services across highly distributed environments, security has become an infinitely more complex endeavor. https://bit.ly/3MNtaRB The Seven Types of Non-human Identities to Secure (CyberArk) Being aware of all the different identity types in your organization and understanding all the different security needs that must be considered are the first steps to building a co... read more.

• June 02, 2023

By Steve Gold, Posted in Security

You can’t protect what you can’t see! You can’t protect what you can’t see! You can’t protect what you can’t see!  Anybody seeing a theme here? Establishing a process to inventory where your data lives (on-premises storage, mail platforms, endpoints, mobile devices, cloud storage, cloud infrastructure, blah, blah, blah) is the first step in building a data management framework. The second step is to establish labels for your data to understand what data you shoul... read more.

• June 01, 2023

By Steve Gold, Posted in Security

If you get the joke behind the title, you’re either as old as I am or spend hours on the Internet searching for 80’s commercials. Either way, good on ya! In 2006, Clive Humby, a British mathematician and data science entrepreneur, coined the phrase “Data is the new oil.” Humby meant that data, like oil, isn't useful in its raw state. It needs to be refined, processed, and turned into something useful; its value lies in its potential. Many others have come up with different interpret... read more.

• May 23, 2023

By Kevin Santarina, Posted in Security

If you haven’t read tech news in the last week or two, would you have thought twice about clicking on these links if they were embedded into an email? This past month, Google introduced eight new top-level domains that are publicly available for registration. Among them are two very commonly recognized file extensions, .zip and .mov. The .zip extension is one of those file extensions used to indicate to a user that they are about to receive a collection of files, PDFs, documents, installers, etc., a... read more.

• May 23, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/15 The Value of Holistic Visibility: Putting it All Together (Arctic Wolf) Organizations have too many tools feeding them more information than their staff can handle, and partially because those tools are siloed off and improperly managed, preventing comprehensive information and complete understanding of what’s happening within an organization’s IT infrastructure. https://bit.ly/44VGWsB Ransomware Roundup – Maori (Fortinet) FortiGuard Labs recently came across a new ransomw... read more.

• May 19, 2023

By Steve Gold, Posted in Security

If you’ve ever challenged a rule your parents set, you’ve probably heard the phrase, “As long as you live in my house, you’ll live by my rules”. Sometimes, if you’re lucky, it’s followed up with, “You can do whatever you want when you have your own home”. So, what do these painful childhood memories have to do with security? I’m so glad you asked! Your parents established certain rules/processes to ensure that the home, and everyone in it, is prot... read more.

• May 16, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/8 The Importance of Identity and Access Management (Arctic Wolf) Proper IAM management is a discipline that involves people, processes, and technologies, and is an ongoing journey that follows what is referred to as the access management lifecycle. https://bit.ly/3M6jZLI Cyber as a Shared Responsibility; How Rubrik and Zscaler Stepped Forward (Rubrik) Over the past few years as ransomware and other threats have increased, private sector companies have embarked on aggressive journeys to reduce... read more.

• May 12, 2023

By Steve Gold, Posted in Security

Hopefully by now you’re seeing a trend. You need full visibility into your environment and you also need both the visibility and capability to remove any unauthorized assets or software. I know this may seem kind of basic, but remember, we are only at Control 2. Wait till we get to Control 17 and start discussing Incident Response. But let’s not get ahead of ourselves just yet. After all, we are working with a prescriptive, prioritized, and simplified set of best practices. In the previous blog... read more.

• May 09, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/1 Why Ransomware and Business Email Compromise Remain Top Attack Types (Arctic Wolf) The continued increase in cybercrime and breach attempts is not a new trend. For years now, the percentages have ticked upwards, and though cybersecurity has evolved, so have hackers seeking data, money, or infamy. https://bit.ly/3VjwGpm AI Powers the Branch of the Future, Today (Palo Alto Networks) With the establishment of hybrid work as a long-term trend and the exponential increase in cloud usage, organiza... read more.

• May 05, 2023

By Tim Husar, Posted in Infrastructure, Support

Recently, a client became locked out of the HPE ILO Administrative account on six VMware ESXi hosts. The direct route to fixing this involves downtime, and solutions that could be done online couldn’t be found. We were able to review the HPE REST API documentation and resolve the issue by following the steps below. The HPE ESXi must have been installed or updated with the VMware Custom HPE Software. Enable SSH on the target HPE host. Log into the host with the root account or equivalent. Change... read more.

• May 04, 2023