Monday 10/30
ICYMI: Gotham’s CTO, Ken Phelan, met with Secure Network Technologies’ President, Steve Stasiukonis, to discuss the steps you need to take during a cybersecurity event.
See the link below for the full video.
https://youtu.be/u6J7BV5cImQ
Skeleton Keys and Local Admin Passwords: A Cautionary Tale (CyberArk)
In today’s complex enterprise landscape, the prevalent use of what can be termed as “modern digital skeleton keys” – local administrator accounts – poses a significant risk to organizational cybersecurity.
https://bit.ly/45W8mO2
The Lack of Value in Hard Disk Drives Could Cost You More than You Know (Pure Storage)
In the past, disk may have been the more economical choice for data repositories, but that’s no longer the case. See why all-flash is now the most economical choice for any workload or data.
https://bit.ly/47bpa4Q
Tuesday 10/31
Patch Tuesday Turns 20: The Growth and Impact of Microsoft’s Vulnerability Problem (CrowdStrike)
By consolidating the majority of security updates and required patches into a planned release cycle, IT departments and system administrators could better plan and allocate resources to eliminate some of the chaos that followed a patch release. To this day, Patch Tuesday persists. Microsoft still releases security updates on the second Tuesday of every month
https://bit.ly/3tV9AvJ
7 Types of Social Engineering Attacks (Arctic Wolf)
According to the 2023 Verizon Data Breach Investigations Report, 74% of breaches last year involved the human element, including “error, privilege misuse, use of stolen credentials, or social engineering.” In addition, Arctic Wolf’s own research showed user action as the root point of compromise for 28% of incidents in 2022.
https://bit.ly/4620L0I
Wednesday 11/1
Would You Like to Play a Game? ft. Bryon Singh, RailWorks Corporation
https://www.gothamtg.com/blog/would-you-like-to-play-a-game
Strong Password Best Practices and MFA (Fortinet)
Using strong passwords is essential to safeguarding our personal and financial information from cybercriminals. Criminals cunningly steal personal credentials, gaining unauthorized access to valuable accounts.
https://bit.ly/3FFNcsR
Security Brief: TA571 Delivers IcedID Forked Loader (Proofpoint)
Proofpoint researchers identified TA571 delivering the Forked variant of IcedID in two campaigns on 11 and 18 October 2023. Both campaigns included over 6,000 messages, each impacting over 1,200 customers in a variety of industries globally
https://bit.ly/47c5sWD
Thursday 11/2
Use Citrix Profile Management to effectively manage your user profile storage (Citrix)
With the introduction of our new Citrix Profile Management features, IT admins can now implement policies to manage user profile storage. This allows for a more efficient use of storage resources by separating machine dependent data from user data and removing machine data redundancy.
https://bit.ly/3MORMt1
What Is Identity Assurance and Why Is It Needed (HYPR)
As both workforce and consumer demands grow, there's a critical need for robust solutions that can manage the entire identity lifecycle, securely linking an individual's identity with who they claim to be.
https://bit.ly/49izdXs
Friday 11/3
Why OSS Packages Can’t Scale without New Security Measures (Check Point)
While the open-source software (OSS) ecosystem has unlocked great potential, it has also spawned significant security challenges, highlighting the pressing need for more robust measures to safeguard these widely used packages.
https://bit.ly/49yS8h9
Navigating the Complex Threat Landscape — Key Takeaways for CISOs (Palo Alto Networks)
Attackers are becoming more tenacious and resilient to defense. Defenders can take a few steps to match those changes and improve their own organization’s resilience.
https://bit.ly/3Snbr6D