By Eric Corcoran, Posted in Technology Week in Review

Monday 4/18 ICYMI: Gotham’s CTO, Ken Phelan, was joined by Palo Alto Networks’ Field CTO, Jason Georgi, where they discussed Secure Access Service Edge (SASE) and if the technology is ready for primetime. See the link below for the full video. Wide Open Outbound Firewall Policy – Part 1 Although the open policy allows for ease of use (for systems administrators), it also introduces significant risks attached to users operating applications that are in the range f... read more.

  • April 22, 2022

By Timothy Karl, Posted in Infrastructure, Security, Support, Virtualization

Citrix recently released the first new LTSR version of Citrix Virtual Apps and Desktops in over two years. Here is what I feel are the top 5 new features and enhancements available in 2203: #1 - Microsoft Teams Optimizations Citrix has added a lot of functionally to Microsoft Teams optimizations over the last two years that were until now only available in current releases. These new functionalities in the latest LTSR release include: App sharing Multimonitor screen sharing DTMF support Proxy server... read more.

  • April 15, 2022

By Michael Hawkins, Posted in Security

This is part 1 of a discussion around wide open outbound Internet access policy. We encounter many clients that have no outbound restrictions in place on their firewall policy. Their firewall is essentially wide open to the Internet, because they allow any machine on the internal network to make connections to any explicit Internet host on any service port. Essentially, they have a rule (or rules) that says “allow my entire internal network to reach all Internet destinations for any application for a... read more.

  • April 15, 2022

By Eric Corcoran, Posted in Technology Week in Review

Tuesday 4/5 Spring4Shell flaw: Here's why it matters, and what you should do about it While there was initial debate about how serious the bug is, sleuthing by security researchers in the days afterwards after the flaw was discovered revealed that Spring4Shell was indeed a serious bug that warranted attention. From SolarWinds to Log4j: The global impact of today’s cybersecurity vulnerabilities (Check Point) The case for organizations of all shapes and sizes to have a compre... read more.

  • April 08, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 3/28 CISA Adds 66 Known Exploited Vulnerabilities to Catalog CISA has added 66 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. From the Shotgun Approach to Triple Extortion: The Evolving Ransomware Threat (Fortinet) Although overall ransomware remains a top concern, there ar... read more.

  • April 01, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 3/21 Cloud Services Under Attack: Closing the Virtual Open Doors to Cyber Crime (Check Point) Tightening cloud security isn’t just about having the right products and services in place, it’s also about nurturing a security-first mentality within an organization as a whole. What Is a Botnet? Definition and Prevention (Varonis) Botnets can be used in other ways and have been known to be leveraged by criminal hacker groups to steal data and further compromise othe... read more.

  • March 25, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 3/14 A Defense-in-Depth Strategy to Phishing Prevention (Proofpoint) As the threat landscape continues to evolve, organizations need to invest in multilayered defenses to stop threats that target people. It’s important to shift budgets as necessary to the threats causing the greatest risk and impact to organizations. Key Findings from the 2H 2021 FortiGuard Labs Threat Report (Fortinet) The 2021 threat landscape presented several new challenges for security teams. Bu... read more.

  • March 18, 2022

By Nancy Rand, Posted in Security

The PCI Council published a blog announcing the coming of PCI DSS version 4.0 at the end of March 2022 The blog contains a PCI DSS Version 4.0 Implementation timeline. The new standard document, the Summary of Changes v3.2.1 to 4.0 will be released along with the Report on Compliance ROC Template and Attestations of Compliance AOC documents at the end of March 2022. The Self-Assessment Questionnaires SAQs will be available shortly after. Tr... read more.

  • March 17, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 3/7 Your Blueprint to Implement an Insider Threat Management Program (Proofpoint) Organizations need to adopt a new mindset to efficiently adapt to this new normal, one that enables a transformation of their insider threat management strategies. It starts by understanding the insider threat risk. Service Continuity in Citrix Cloud: A recipe for resiliency Citrix admins can put service continuity to the test and proceed with enabling it in their production environment. If y... read more.

  • March 11, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 2/21 Simplify IT administration with Workspace Environment Management (Citrix) The Scripted Task solution in Workspace Environment Management (WEM) helps to simplify the management of your daily tasks through these scripts, ensuring the security of the scripts you’re deploying and running without adding complexity to your day. 6 Ways Big Data Analytics Can Drive Down Costs (Pure Storage) More businesses are using big data to cut costs and increase profits. It’s... read more.

  • March 04, 2022