Blog

By Steve Gold, Posted in Security

If you ever played the massively multiplayer online role-playing game (MMORPG) World of Warcraft, you entered a fantastical world where you create a character, embark on quests, and explore vast virtual landscapes. In the early days of "World of Warcraft," the default account for players was the "Guest" account. The account had limited capabilities and was mainly meant for players who were trying out the game before subscribing to a full account. Not surprisingly, some players discovered that the "Guest" a... read more.

  • August 16, 2023

By Steve Gold, Posted in Security

If you were lucky enough to watch Mr. Robot (no judgement here, please!), you learned some valuable lessons on implementing robust security measures and seeing how they can be compromised. In this blog, we will explore how the show's character, Tyrell Wellick, exemplifies secure asset and software management through version-controlled-infrastructure-as-code and accessing administrative interfaces via Secure Shell (SSH) and Hypertext Transfer Protocol Secure (HTTPS). SSH provides a secure and encrypted mean... read more.

  • August 08, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 7/31 Making Zero Standing Privileges a Reality (CyberArk) The most significant change in the lifespan of identity security thus far is zero standing privileges (ZSP). Considered to be the next evolution of just-in-time (JIT) access, although it may seem needlessly complex at first, once you wrap your head around the concept, it feels as natural as turning off lights when you leave a room. https://bit.ly/457DKZX Build Strong, Secure Browsing Habits During—and Before—Cybersecurity Aware... read more.

  • August 04, 2023

By Steve Gold, Posted in Security

Many homeowners invest in home security systems to protect their property and loved ones. These systems often include components such as alarms, surveillance cameras, and access control measures. They act as a deterrent against intruders and provide peace of mind by ensuring the safety and security of the household. Similarly, implementing and managing a firewall on end-user devices can be compared to having a personal security system for digital devices. A firewall acts as a digital barrier, monitoring an... read more.

  • August 01, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 7/24 Five Ways to Secure External Identities (CyberArk) The cast of characters playing essential roles in driving your high-stakes initiatives continues to grow in number, scope and risk. Keeping their identities secure is essential for preventing third-party breaches and attacks – and for protecting everything these external B2B users are building for your enterprise. https://bit.ly/43FTGSj Ransomware Roundup - Cl0p (Fortinet) The Cl0p ransomware appears to be a descendent (or variant) of... read more.

  • July 28, 2023

By Carlo Costanzo, Posted in Infrastructure, Virtualization

Do you have any Raw Disk Mappings (RDMs) in your environment? If so, you might want to learn more about Clustered VMDKs. Clustered VMDKs vs RDMs Before Clustered VMDKs, clients would have to use RDMs to present a shared disk between VMs. RDMs were basically LUNs passed directly through the ESXi host to the Virtual Machines. The cluster software then handled writes and locking directly with the SAN. You could abstract the interactions a bit more by using Virtual Raw Disk Mappings (vRDMs), but the gist of t... read more.

  • July 27, 2023

By Steve Gold, Posted in Security

Steve’s Thoughts I’ve heard this many times in my life from a bouncer at a club/event. Sometimes it was my ID, sometimes there were too many people already in, and sometimes it was because, well, they just said no. Nightclubs and events employ bouncers to control access and maintain security within the venue. Bouncers act as a barrier between the outside world and the controlled environment inside, ensuring that only authorized individuals are granted entry. Similarly, a firewall can be compa... read more.

  • July 25, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 7/17 VMware's Purple Screen of Death Similar to Microsoft’s Blue Screen of Death, the Purple Screen of Death occurs when there is a kernel panic in Linux variants that result in a system halt. This typically is due to a driver issue, hardware issue, or in my case, a recent patch. https://www.gothamtg.com/blog/vmwares-purple-screen-of-death Log4j Vulnerability: Are Organizations Still at Risk? (F5) It’s been almost 2 years since the log4j vulnerability was exposed, and organizations a... read more.

  • July 21, 2023

By Steve Gold, Posted in Security

Steve’s Thoughts My girlfriend asks me this question almost every time we leave our home. Why, you ask? Because I’ve forgotten my keys more often than I should and then been locked out. This happens because our front door automatically locks when we leave as a safety precaution. Maybe I need to replace my Ted Lasso “BELIEVE” sign with a “Do you BELIEVE you have your keys?” sign. Automatic session locking is a security feature that automatically locks a user's session on... read more.

  • July 18, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 7/10   June 2023’s Most Wanted Malware: Qbot Most Prevalent Malware in First Half of 2023 and Mobile Trojan SpinOk Makes its Debut (Check Point) Our latest Global Threat Index for June 2023 saw researchers report that Trojan Qbot has been the most prevalent malware so far in 2023, ranking first in five out of the six months to date. https://bit.ly/3NNCQef Zero Trust: The Key to a Hybrid Workforce (Palo Alto Networks) Helping the workforce adapt to a work-from-home lifestyle doesn&rsq... read more.

  • July 14, 2023