Blog

By Eric Corcoran, Posted in Technology Week in Review

Tuesday 5/28 In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc Since that leak, rogue actors have used EternalBlue to spread malware that has paralyzed hospitals, airports, rail and shipping operators, A.T.M.s and factories that produce critical vaccines. Now the tool is hitting the United States where it is most vulnerable, in local governments with aging digital infrastructure and fewer resources to defend themselves. https://nyti.ms/2HIEVY9 Title insurer exposes millions of mortgage records... read more.

  • May 31, 2019

By Nancy Rand, Posted in Security

Q2 2019 NIST Privacy Framework Additional Documentation The NIST Privacy Framework group has published new documents to complement the Privacy Framework Draft document. The NIST Privacy Framework Discussion Draft Core (Excel) spreadsheet facilitates an organization’s consideration of the elements of the framework. The Comparison of Privacy Framework and Cybersecurity Framework Cores (PDF) presents a side-by-side view of each framework’s corresponding elements for review. Each document furthe... read more.

  • May 30, 2019

By Hank Smith, Posted in Infrastructure

Many companies are moving a variety of workloads to the cloud. This blog covers the tools available for managing Elastic Cloud Compute (EC2) instance costs in AWS. The goal is to understand what is available and other technologies that are available to control EC2 costs. EC2 is the function that allows customers to create various instances of virtual machines within AWS. Why move workloads to the cloud (AWS in this case)? There are a variety of reasons why companies are choosing to move to the cloud incl... read more.

  • May 30, 2019

By Eric Corcoran, Posted in Technology Week in Review

Tuesday 5/21 Millions of Instagram influencers and brands had their private contact data scraped and exposed From a brief review of the data, each record contained public data scraped from Instagram accounts, including their bio, profile picture, the number of followers they have, if they’re verified and their location by city and country, but also contained private contact information, such as the Instagram account owner’s email address and phone number. https://tcrn.ch/2QgvvWa Citrix Usher... read more.

  • May 24, 2019

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/13 Update Your Drivers Right Now If You Have An NVIDIA GeForce, Quadro or Tesla Graphics Card Nvidia has uncovered and patched three vulnerabilities in the Windows display drivers for the company’s GeForce, Quadro and Tesla graphics cards. If exploited, the vulnerabilities could lead to denial of service, escalation of privileges or information disclosure on the host machines. http://bit.ly/2JhRtYk HyTrust Launches Full-Scale Security Platform for VMware, AWS, Containers HyTrust CloudCon... read more.

  • May 20, 2019

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/6 Hackers steal card data from 201 online campus stores from Canada and the US A group of hackers has planted malicious JavaScript code that steals payment card details inside the e-commerce system used by colleges and universities in Canada and the US. The malicious code was found on 201 online stores that were catering to 176 colleges and universities in the US and 21 in Canada. https://zd.net/2GZBMl8 Shellbot malware evolves to spread and shuts down other cryptominers The malware has new ca... read more.

  • May 10, 2019

By Brian Wagner, Posted in Infrastructure, Virtualization

I remember when Windows NT 4.0 Terminal Server edition was released, and the integrated capability of having more than one user access a server at a time was born. Sure, Citrix had created this already with WinFrame on Windows NT 3.51, but Windows NT 4.0 Terminal Server edition brought the functionality to the native operating system. We take this for granted now, with every administrator of a Windows server environment heavily relying on RDP for their day-to-day jobs. But it was an exciting time. But the... read more.

  • May 08, 2019

By Brian Wagner, Posted in Infrastructure, Virtualization

To follow up on my previous blog about the Cloud First world we live in, I thought it would be helpful to highlight an area where the cloud offers a great AND low cost solution for Citrix disaster recovery. The costs of having workloads in the cloud are typically the largest obstacle for our customers to start the journey to the cloud. Citrix teamed up with Microsoft to deliver an option that reduces cost for production workloads and almost eliminates cost for disaster recovery. How does it work? The cost... read more.

  • May 08, 2019

By Eric Corcoran, Posted in Technology Week in Review

Monday 4/29 Researchers develop new technique to identify malware in embedded systems At issue are so-called micro-architectural attacks. This form of malware makes use of a system’s architectural design, effectively hijacking the hardware in a way that gives outside users control of the system and access to its data.Spectre and Meltdown are high-profile examples of micro-architectural malware. http://bit.ly/2GQg3Nr Chrome on Android: Phishing attackers can now trick you with fake address bar Nor... read more.

  • May 03, 2019

By Nancy Rand, Posted in Security

The NIST Privacy Framework discussion draft has been published. This document incorporates the outlines and stakeholder input received to date. https://www.nist.gov/sites/default/files/documents/2019/04/30/nist-privacy-framework-discussion-draft.pdf  The Drafting the NIST Privacy Framework: Workshop #2 will be held on May 13-14, 2019, at the Georgia Tech Scheller College of Business in Atlanta, Georgia. Feedback is also welcome via email at privacyframework@nist.gov (which will not be posted online).... read more.

  • May 02, 2019