Blog

By Eric Corcoran, Posted in Technology Week in Review

Monday 11/21 Prisma Cloud to Secure Supply Chain with Proposed Acquisition of Cider (Palo Alto Networks) The diversity, velocity and dynamic nature of today’s engineering ecosystem have introduced a wide array of new security challenges and gaps, setting the stage for the software supply chain to emerge as one of the most challenging and impactful attack vectors of the past few years. http://bit.ly/3Axbkfk A Comprehensive Look at Emotet’s Fall 2022 Return (Proofpoint) Emotet returned to the... read more.

• December 05, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 11/14 Identity Security Calls for Leadership Across Categories (CyberArk) 52% of all employee identities have access to sensitive systems and data that attackers can easily exploit. In this environment, every identity at any access point is a gateway to an organization’s most valuable resources. http://bit.ly/3hBTgKe 5 Ransomware Protection Strategies for 2023 (Fortinet) In just the first half of 2022, the number of new ransomware variants we identified increased by nearly 100% compared to... read more.

• November 18, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 11/7 CISA’s New Directive BOD 23-01: The First Step in Building an Efficient Cybersecurity Posture (Cybersixgill) Although BOD 23-01 is mandatory only for FCEB agencies, CISA recommends that all organizations review this directive and adopt its guidance to strengthen asset management and vulnerability detection practices within their networks - and enhance their organization's cyber resilience. https://bit.ly/3FToQwZ Fortinet Named a Leader in the 2022 Forrester Wave™ for Enterprise F... read more.

• November 11, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 10/31 Citrix Cloud Connectors: How they work and how to get the most from them (Citrix) Cloud Connectors unlock the advantages of cloud management by bridging on-prem and cloud deployments, without requiring complex networking or infrastructure configuration. https://bit.ly/3FvOzLO Cyber Threats Happen — Prevention, Protection and Recovery Tips (Palo Alto Networks) While there’s no way to predict a bad actor’s next move, we do know that people are the first line of defense, and... read more.

• November 04, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 10/24 Recognizing, Reporting, and Preventing Phishing (Fortinet) What’s especially concerning as we look back at the first half of 2022 is that the number of new ransomware variants we identified increased by nearly 100% compared to the previous six-month period. https://bit.ly/3z92nI2 Passwords still dominate, and are causing headaches for everyone Password-spraying attacks relying on lists of millions of passwords leaked in the past decade, are on the rise, making MFA one of the most eff... read more.

• October 28, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 10/17 A New Era of Email Security: Easier—and Even More Effective (Proofpoint) Email is the number one threat vector and a massive risk vector for breaches today, which is why it's crucial for organizations to have an effective, integrated set of controls to stop phishing attacks and other email-related threats. https://bit.ly/3eFHhdx Why Strong Passwords Alone Won’t Stop Identity-Based Attacks (CyberArk) No matter how strong your organization’s password policies and awareness... read more.

• October 21, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 10/10 You’ve Enabled MFA — Great! This Cybersecurity Awareness Month, Focus on How and Where It’s Used (CyberArk) Thanks to repeated front-page news coverage, MFA fatigue attacks are likely high on your radar. For these, threat actors employ various digital and voice-based phishing techniques to steal credentials and then send repeated MFA push requests to a target’s mobile device to successfully dupe employees and third-party vendors. https://bit.ly/3CIRQWi Ransomware-as-... read more.

• October 14, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 10/3 Q&A on Cyber Resiliency for Operational Technology (Fortinet) Fortinet’s CISO for Operational Technology, Willi Nelson, shares perspective on considerations when developing cyber resilience, covering fundamentals and strategic planning, to protect the convergence of IT and OT environments. https://bit.ly/3e2oEAe Hackers are testing a destructive new way to make ransomware attacks more effective Ransomware hackers are experimenting with a new kind of attack that, instead of encrypt... read more.

• October 07, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 9/26 Benefits of an Insider Threat Management Program (Proofpoint) The success of an ITM program is completely dependent upon involving stakeholders beyond IT and information security. Since anyone in your organization could become a source of insider challenges, you need representation from all parts of your organization. https://bit.ly/3Rg23Ob Prevention-first MDR/MPR – Elevating Managed Detection and Response to the Next Level (Check Point) Check Point’s Mid-Year Report recently r... read more.

• September 30, 2022

By Michael Hawkins, Posted in Security

In recent days, it has been widely reported that Uber suffered a significant intrusion into their network. While the extent of the damage is unknown, we do know about the sequence of events that allowed the breach to be successful. Below is a discussion of some of the known facts along with our own commentary on the situation. Most importantly, we provide lessons for others to break the chain of events, which can help businesses to avoid these types of attacks. 1st Link: An Uber employee configured an... read more.

• September 29, 2022