Blog

By Eric Corcoran, Posted in Technology Week in Review

Monday 12/3 McAfee Labs 2019 Threats Predictions Report We have witnessed greater collaboration among cybercriminals exploiting the underground market, which has allowed them to develop efficiencies in their products. Cybercriminals have been partnering in this way for years; in 2019 this market economy will only expand. The game of cat and mouse the security industry plays with ransomware developers will escalate, and the industry will need to respond more quickly and effectively than ever before. http:... read more.

• December 10, 2018

By Eric Corcoran, Posted in Technology Week in Review

Monday 11/26 New Linux crypto-miner steals your root password and disables your antivirus This rootkit component has even more intrusive features, experts said, such as "the ability to steal user-entered passwords for the su command and to hide files in the file system, network connections, and running processes." https://zd.net/2TLvkDN Microsoft: Crash-causing Outlook 2010 security patches are now fixed Microsoft this week released KB 4461585 for Outlook 2010, which includes patches for the... read more.

• November 30, 2018

By Eric Corcoran, Posted in Technology Week in Review

Monday 11/19 Hacking group returns, switches attacks from ransomware to Trojan malware Dubbed tRat by researchers, the malware is predominantly targeting financial institutions and is being distributed with the aim of grabbing credentials, financial data, and other information that would be useful to cyber criminal operations. Researchers also warn that it could have other capabilities that haven't been put into operation yet. https://zd.net/2zijich Major SMS security lapse is a reminder to use authenti... read more.

• November 23, 2018

By Eric Corcoran, Posted in Technology Week in Review

Monday 11/12 Security Breach at Nordstorm exposed sensitive employee data Seattle-based retailer Nordstrom is notifying employees of an information-security breach that exposed their names, Social Security numbers, dates of birth, checking account and routing numbers, salaries and more. http://bit.ly/2qEYMOs U.S. Cyber Command Shares Malware Samples To Help Thwart Bad Actors In a brief media release, USCYBERCOM stated that it plans to “share unclassified malware samples it has discovere... read more.

• November 16, 2018

By Eric Corcoran, Posted in Technology Week in Review

This Week in Technology Monday 11/5 Hackers Extracted and Published Facebook Private Messages Grabbed Through Bad Browser Plug-ins The hackers originally published an offer in September for personal information related to 120 million Facebook accounts on a English-language forum. This included a sample of data that the BBC had an expert examine, confirming that over 81,000 profiles’ private messages were included. An additional 176,000 accounts had data that could have been scraped from public Face... read more.

• November 09, 2018

By Eric Corcoran, Posted in Technology Week in Review

Tuesday 10/30 Because of malware, adware when downloading Google Chrome through Microsoft Edge An investigation by How To Geek revealed that the fake website is actually marked as a “deceptive site” by Google Chrome, but it is not flagged as such by Microsoft Edge and Bing. The Bing search query was reproduced on some systems, not all, but it was only appearing on Microsoft Edge. http://bit.ly/2EOTBoU Nutanix Launches a New Channel Charter to Empower their Partners with Next-generation Techn... read more.

• November 02, 2018

By Brian Wagner, Posted in Infrastructure, Virtualization

Overview Citrix acquired Unidesk in early 2017, and quickly integrated the App Layering technology into the stack. This included the ability to separate and individually manage layers for the OS, Platform Tools, and Applications. Applications can be baked in to the final image (template) or mounted elastically on demand based on user provisioning. Here is an overview diagram from Citrix: The ability to support User Layers has been in the “Labs” (previews of potential functionality for futur... read more.

• October 16, 2018

By Nancy Rand, Posted in Security

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) announced on September 4, 2018 that it has started a collaborative project to develop a voluntary privacy framework. The framework design for the enterprise will complement the NIST Cybersecurity Framework. At the same time NIST will be developing a legal and policy approach for the US “…for consumer privacy in coordination with the department’s International Trade Administration to ensure consi... read more.

• October 01, 2018

By Brian Wagner, Posted in Infrastructure, Support

As IT administrators, we are often asked how we can be more proactive to reduce exposure to issues that may arise. In Citrix XenApp and XenDesktop 7.18, a new feature was introduced to help identify issues from user locations to the Citrix environment hosting the applications and desktops. This feature, Application Probing, has a few requirements, but is not too difficult to set up and can provide immediate value. Application Probing requires the following: Citrix XenApp / XenDesktop 7.18 or newer runni... read more.

• June 28, 2018

By Nancy Rand, Posted in Security

On May 17, 2018, the PCI DSS council published an updated standard. The updated standards document and summary of changes document are available at https://www.pcisecuritystandards.org/document_library?category=pcidss&document=pci_dss This update consists of clarification statements to remove references to effective dates and Secure Socket Layer (SSL)/early Transport Layer Security (TLS) migration deadlines that have passed. No new requirements are added in PCI DSS v3.2.1. PCI DSS v3.2 remains valid th... read more.

• June 28, 2018