This Week in Technology

This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On November 11, 2022

Monday 11/7

CISA’s New Directive BOD 23-01: The First Step in Building an Efficient Cybersecurity Posture (Cybersixgill)

Although BOD 23-01 is mandatory only for FCEB agencies, CISA recommends that all organizations review this directive and adopt its guidance to strengthen asset management and vulnerability detection practices within their networks - and enhance their organization's cyber resilience.

Fortinet Named a Leader in the 2022 Forrester Wave™ for Enterprise Firewalls (Fortinet)

FortiGate Next-generation Firewalls serve as the foundation of a converged security and networking platform and we are committed to continuously innovating our NGFW solutions to meet our customers’ evolving needs.

Tuesday 11/8

Resilient Security & Seamless Connectivity for a Cloud-First World (Palo Alto Networks)

Today’s businesses, especially critical institutions like financial services and healthcare, need a more resilient infrastructure to ensure seamless connectivity.

Password-hacking attacks are on the rise. Here's how to stop your accounts from being stolen

Cyberattacks are on the rise, with account passwords still very much the main target of hackers – particularly as many accounts are vulnerable because they lack any additional layers of protection beyond the password itself to help keep them secure.

Wednesday 11/9

Using Okta for Conditional Access to AWS Assets with MFA Validation (Okta)

Okta's integration with Amazon Web Services (AWS) allows end users to authenticate to one or more AWS accounts and gain access to specific roles using single sign-on with SAML.

How Falcon OverWatch Hunts for Out-of-Band Application Security Testing (CrowdStrike)

Some of the more stealthy adversaries will attempt to evade detection by mimicking or using tools and techniques commonly used by security testers. OverWatch works hard to separate the wheat from the chaff to detect malicious adversaries — even when they attempt to evade detection by blending in with testing activities.

Thursday 11/10

October’s Most Wanted Malware: AgentTesla Knocks Formbook off Top Spot and New Text4Shell Vulnerability Disclosed (Check Point)

Check Point Research reports a significant increase in Lokibot attacks in October, taking it to third place for the first time in five months. New vulnerability, Text4Shell, was disclosed for the first time, and AgentTesla took the top spot as the most prevalent malware

How to Improve Your Cloud Security with AWS (Arctic Wolf)

To enable organizations to achieve better security posture on either side of a breach, allowing them to address vulnerabilities before the worst-case scenario, as well as swiftly address and mitigate threats.

Friday 11/11

Major Update to Veeam Backup & Replication to Benefit Pure Customers (Pure Storage)

The release of Veeam Backup & Replication v12 brings Direct to Object support. Not only will this enable Veeam to leverage the parallelism of the all-flash scale-out architecture of FlashBlade®, it will also provide the next generation of ransomware protection through S3’s Object Lock technology.

BlackCat Ransomware: Tactics and Techniques From a Targeted Attack (Netskope)

BlackCat is also believed to be the successor of the Darkside and BlackMatter ransomware groups. They work with a double-extortion scheme, where data is stolen, encrypted, and leaked if the ransom isn’t paid, which is a common methodology implemented by RaaS groups.