Blog

By Steve Gold, Posted in Security

Danny Ocean, played by George Clooney in Ocean’s 11 shows the complexity, timing, and sometimes ease of leveraging social engineering for an attack. This film provides a compelling look into the art of deception and manipulation, showcasing strategies that are surprisingly relevant to cybersecurity training. In "Ocean's Eleven," Danny Ocean and his team use sophisticated social engineering tactics to rob a casino. They employ pretexting when posing as technicians or officials to access restricted are... read more.

  • June 19, 2024

By Eric Corcoran, Posted in Technology Week in Review

Monday 6/10 Announcing the inclusion of XenServer 8 in all new Citrix subscriptions! (Citrix) XenServer provides our Citrix platform customers the premium hypervisor capabilities optimized for Citrix workloads. Leveraging XenServer for your Citrix workloads helps you save money on 3rd party hypervisor solutions, while getting the most out of your Citrix deployment, with optimizations for Citrix only available from XenServer, such as PVS Accelerator, Intellicache, and MCS Read Cache. https://www.citrix.co... read more.

  • June 14, 2024

By Hank Smith, Posted in Security

I wanted to share a personal experience about how artificial intelligence (AI) was almost used to exploit the elderly. I recently received a troubling call from my father, inquiring if my partner had been involved in a car accident and placed in jail. Knowing this wasn't true, I probed for more details. It turned out my father had received a call from somebody claiming to be my partner with a voice that sounded exactly like hers. The caller, impersonating my partner, said she caused an accident that harmed... read more.

  • June 12, 2024

By Eric Corcoran, Posted in Technology Week in Review

Monday 6/3 Major Botnets Disrupted via Global Law Enforcement Takedown (Proofpoint) Per Europol, in conjunction with the malware disruption, the coordinated action led to four arrests, over 100 servers taken down across 10 countries, over 2,000 domains brought under the control of law enforcement, and illegal assets frozen. https://www.proofpoint.com/us/blog/threat-insight/major-botnets-disrupted-global-law-enforcement-takedown Tuesday 6/4 Endpoint Management Upleveled: New device list functionality (C... read more.

  • June 11, 2024

By Eric Corcoran, Posted in Technology Week in Review

Tuesday 5/28 Creating a Security Program with Less Complexity and More Visibility (Palo Alto Networks) The greatest misconception about cybersecurity is that programs can catch up overnight with silver-bullet solutions. There’s no substitute for a strong foundation and daily maintenance. https://www.paloaltonetworks.com/blog/2024/05/creating-a-security-program/ AI and Automation in the Race to Reduce Attack Dwell Time (Check Point) As cyber threats continue to evolve, so too must the strategies a... read more.

  • May 31, 2024

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/13 CrowdStrike Enhances Cloud Asset Visualization to Accelerate Risk Prioritization (CrowdStrike) The massive increase in cloud adoption has driven adversaries to focus their efforts on cloud environments — a shift that led to cloud intrusions increasing by 75% in 2023, emphasizing the need for stronger cloud security. https://www.crowdstrike.com/blog/enhanced-cloud-asset-visualization/ CISA opens its malware analysis and threat hunting tool for public use (CSO Online) https://www.csoonl... read more.

  • May 24, 2024

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/6 Prisma SASE 3.0 — Securing Work Where It Happens (Palo Alto Networks) This unrestricted approach empowers users, but it also increases risk due to a lack of consistent security, control and visibility across devices. Security strategies must catch up, and Palo Alto Networks is once again leading that charge. https://www.paloaltonetworks.com/blog/2024/05/prisma-sase-3-0/ Understanding Risk-Based Vulnerability Management (Arctic Wolf) For all the concern about phishing, insider threats,... read more.

  • May 10, 2024

By Eric Corcoran, Posted in Technology Week in Review

Monday 4/15 Understanding APIs and How Attackers Abuse Them to Steal Data (CyberArk) While essential and prevalent, APIs are potential attack vectors when not properly protected via machine identity security best practices. They can be exploited to expose sensitive data (e.g., customer lists, personally identifiable information (PII) and credit card details) while enabling application-to-application communication. https://www.cyberark.com/resources/blog/understanding-apis-and-how-attackers-abuse-them-to-... read more.

  • May 03, 2024

By Eric Corcoran, Posted in Technology Week in Review

Monday 4/8 Improving Detection and Response: Making the Case for Deceptions (Proofpoint) How can you find and stop attackers more quickly? The answer lies in your approach. Let’s take a closer look at how security teams typically try to detect attackers. Then, we can better understand why deceptions can work better.  https://www.proofpoint.com/us/blog/identity-threat-defense/deception-technology-better-for-threat-detection-response-than-honeypots The Continuing Rise of Remote Code Execution (... read more.

  • April 12, 2024

By Steve Gold, Posted in Security

The iconic line uttered by Agent Smith, played by Hugo Weaving, to Thomas A. Anderson, aka Neo, played by Keanu Reeves, in The Matrix. If you’ve been living under a rock or in a good sized closet, The Matrix tells the story of how Neo is awakened to the reality that his entire existence has been within a digital simulation, leading him on a journey to fight against the machines that have enslaved humanity. This awakening is akin to the realization organizations must reach about the importance of cyber... read more.

  • April 09, 2024