Blog

By Nancy Rand, Posted in Security

The PCI Security Standards Council, PCI SSC, published a new version of the Secure Software Standard and its supporting program documentation on 4/29/2021. https://www.pcisecuritystandards.org/about_us/press_releases/pr_04292021 This version includes a new Terminal Software Module that contains requirements for software used on PCI-approved PIN Transaction Security (PTS) Point-of-Interaction (POI) devices. There are currently two other modules in this Standard: The “Core” module that contai... read more.

  • May 18, 2021

By Nancy Rand, Posted in Infrastructure, Security

The Cloud Security Alliance released two new research documents to provide guidance on Cloud Incident Response and Consuming and Providing APIs. https://cloudsecurityalliance.org/artifacts/cloud-incident-response-framework/?utm_source=email https://cloudsecurityalliance.org/artifacts/security-guidelines-for-providing-and-consuming-apis/?utm_source=email Cloud Incident Response provides a framework for handling the lifecycle of a security incident in the cloud and discusses what information is shared inte... read more.

  • May 18, 2021

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/3 State of Application Strategy 2021: Unpacking the Current and Future State of Application Security and Delivery* (F5) The future of application security and delivery technologies is driven by digital transformation and the need to collect, analyze, and act on data to positively impact business outcomes. The future of business is digital, and that means applications—and the technologies that deliver and secure them—are the heart of business. https://bit.ly/3uhBiOx Between a Rock an... read more.

  • May 14, 2021

By Eric Corcoran, Posted in Technology Week in Review

Monday 4/26 DNS Management Just Got Easier with General Availability of Primary DNS Service on F5 Cloud DNS As enterprises realize that they need a DNS solution capable of supporting their adaptive applications, they look for solutions that match their need for automation, speed, and ability to respond to infrastructure changes in seconds rather than hours. https://bit.ly/2PqKzVq The Need for Adaptive Cloud Security to Protect All Environments (Fortinet) Security needs to be end-to-end, following data... read more.

  • April 30, 2021

By Eric Corcoran, Posted in Technology Week in Review

Monday 4/19 Hacking Operational Technology for Defense: Lessons Learned From OT Red Teaming Smart Meter Control Infrastructure (FireEye) Focusing collection, detection, and hunting efforts on assets or information that are likely to be compromised during these phases presents defenders with strategic opportunities to hunt for and detect targeted adversary activity before it poses a risk to control systems. https://bit.ly/3twseoP Microsoft Continues to be Most Imitated Brand for Phishing Attempts in Q1 2... read more.

  • April 23, 2021

By Eric Corcoran, Posted in Technology Week in Review

Monday 4/12 It’s Time to Take a New Path to SASE (Forcepoint) With people and data moving everywhere, security has to be agile to keep up. Now, the key issue facing many organizations is how to most effectively provide safe access to corporate resources on the web, in cloud apps and in internal, private apps anywhere, while keeping data safe everywhere. https://bit.ly/3sbi1wq IcedID Banking Trojan Surges: The New Emotet? IcedID (a.k.a. BokBot), bears similarities to Emotet in that it’s a mo... read more.

  • April 16, 2021

By Eric Corcoran, Posted in Technology Week in Review

Monday 4/5 Driving 2021 security initiatives with Citrix’s cloud-delivered security solution One of the most compelling reasons for current SD-WAN customers to adopt Citrix Secure Internet Access ties back to the unified approach across networking and security that greatly simplifies operations unlike any other solution on the market. https://bit.ly/2R970io Supply chain attacks: what we know about the SolarWinds ‘Sunburst’ exploit, and why it still matters (Check Point) What makes the... read more.

  • April 09, 2021

By Eric Corcoran, Posted in Technology Week in Review

Monday 3/29 A Tale of Two Ransomware Attacks: Which Company Are You? (Pure Storage) Ransomware attacks became a matter of not “if” but “when,” with experts predicting a ransomware attack every 11 seconds in 2021. Sophisticated cybercriminals continue to prey on vulnerabilities, and victims are giving in to demands and handing over cash to retrieve their encrypted data. https://bit.ly/39oEwYc FBI Internet Crime Report Shows that Email Fraud Represents the Largest Financial Losses... read more.

  • April 02, 2021

By Timothy Karl, Posted in Infrastructure, Support

Today, over 85% of organizations worldwide operate on Microsoft Active Directory. In many cases, Active Directory has been in place for decades and has not been well maintained for security posture. Hackers often target Active Directory as an easy way for gaining access to a customer’s environment. Gotham has developed an Active Directory Security Risk Assessment offering to provide specific actionable guidance to mitigate security risks in your Active Directory environment. The assessment focuses on... read more.

  • March 31, 2021

By Eric Corcoran, Posted in Technology Week in Review

Monday 3/22 Gotham has earned a spot on CRN’s 2021 Tech Elite 250 list, recognizing us as one of the top IT solution providers in North America. We are proud to continue to provide the best service for our customers. http://bit.ly/3c9xhVJ Attacker Economics and the Lure of Credential Stuffing (F5) F5 Labs and Shape Security research recently reported that credential spill incidents nearly doubled from 2016 to 2020. http://bit.ly/315H6Oe Okta and Proofpoint: Uniting People-centric Security and Id... read more.

  • March 26, 2021