Blog

By Ed Bratter, Posted in Infrastructure, Support

If you are responsible for creating Entra Conditional Access policies, you may have noticed that Microsoft has put the “Require approved client app” control on the soon-to-be-extinct list. Instead, the newer “Require app protection policy” control should be used. Microsoft stated that the older control will stop being enforced in March 2026, so it will be as if it does not exist (more information can be found here: Migrate approved client app to application protection policy in Co... read more.

  • July 24, 2024

By Steve Gold, Posted in Security

In the battle against cyber threats, the ability to recognize and report potential security incidents is crucial. Just as heroes in pop culture stories must identify and respond to danger, your workforce needs to be equipped with the knowledge and skills to spot and report cybersecurity incidents. This blog post explores the importance of training employees to recognize potential incidents and outlines best practices for reporting them, using references from popular culture to make these concepts engaging a... read more.

  • July 23, 2024

By Josue Molina, Posted in Infrastructure, Support, Virtualization

I recently stumbled upon a Citrix Windows KMS license activation bug that I thought would be good to share along with a workaround. The bug appeared after I created machines from a Windows Server 2022 Datacenter Azure Edition virtual machine template using Citrix Machine Creation Services (MCS). The Windows Server 2022 Datacenter Azure Edition version was 21H2 (OS Build 20348.2322). The machines are created just fine, but when trying to log in to a virtual desktop, I noticed the “Activate Windows&rdq... read more.

  • July 23, 2024

By Eric Corcoran, Posted in Technology Week in Review

Monday 7/15 Cybersecurity Stop of the Month: Reeling in DarkGate Malware Attacks from the Beach (Proofpoint) In a recent attack, a threat actor (TA571) used DarkGate to try to infiltrate over 1,000 organizations worldwide. The attack spanned across 14,000 campaigns and contained more than 1,300 different malware variants. https://www.proofpoint.com/us/blog/email-and-cloud-threats/darkgate-malware Tuesday 7/16 Preventing Unintentional Data Exposure ft. Bryon Singh, RailWorks Corporation https://www.got... read more.

  • July 19, 2024

By Timothy Karl, Posted in Infrastructure, Virtualization

Microsoft has released a public preview of a new optimization architecture for Microsoft Teams in Citrix Virtual Desktop Infrastructure (VDI). Guided by extensive customer feedback, Microsoft re-architected Teams in Citrix VDI with a focus on modularity, decoupling, performance improvements, and streamlined support. It better aligns the experiences between physical and virtual desktops. Key Optimizations Advanced Features: The new SlimCore Media engine replaces WebRTC, enabling faster feature updates an... read more.

  • July 18, 2024

By Steve Gold, Posted in Security

In an era where data breaches and cybersecurity incidents dominate headlines, unintentional data exposure remains a significant threat to organizational security. Training workforce members to be aware of the causes for unintentional data exposure is essential. I’m going to cover common causes using factual pop culture references to highlight the importance of these practices. Mis-Delivery of Sensitive Data Imagine the chaos that ensues in "Harry Potter and the Chamber of Secrets" when Harry receive... read more.

  • July 16, 2024

By Eric Corcoran, Posted in Technology Week in Review

Monday 7/8 The Growing Dichotomy of AI-Powered Code in Cloud-Native Security (Palo Alto Networks) Amidst the allure of newfound technology lies a profound duality – the stark contrast between the benefits of AI-driven software development and the formidable security risks it introduces. https://www.paloaltonetworks.com/blog/2024/07/the-growing-dichotomy-of-ai-powered-code-in-cloud-native-security/ Tuesday 7/9 You Cannot Pass ft. Bryon Singh, RailWorks Corporation https://www.gothamtg.com/blog/yo... read more.

  • July 12, 2024

By Steve Gold, Posted in Security

In “The Lord of the Rings: The Fellowship of the Ring”, the fellowship travels to Mordor to destroy the One Ring of the Dark Lord Sauron. In one scene, the fellowship come face to face with a Balrog. Knowing they cannot all escape, Gandalf stands on a bridge and yells “You Cannot Pass” and fights the Balrog to the death. What Gandalf did on the bridge relates to how we should handle our data. Gandalf recognized the threat of the Balrog to both his fellow travelers (colleagues) and t... read more.

  • July 09, 2024

By Eric Corcoran, Posted in Technology Week in Review

Monday 7/1 Seeing the Unseen: Preventing Breaches by Spotting Malicious Browser Extensions (CrowdStrike) When an end user installs a browser extension, the permissions granted open the door to a world of possibilities — and vulnerabilities. Depending on what’s allowed, these extensions can access a veritable treasure trove of information. https://www.crowdstrike.com/blog/prevent-breaches-by-stopping-malicious-browser-extensions/ DMARC: Why It's Moving from a Best Practice to a Must-Have (Pro... read more.

  • July 05, 2024

By Steve Gold, Posted in Security

Yeah, I know. I’m using the same pop culture reference to make a point. But the reference is perfect and the point is important so read on. Multi-Factor Authentication (MFA) "Ocean's Eleven" showed breaking into a high-security vault requires more than just picking a lock; it involves bypassing multiple layers of security measures. This is similar to multi-factor authentication (MFA). MFA enhances security by requiring users to present multiple pieces of evidence (factors) to verify their identity.... read more.

  • July 02, 2024