Blog

By Eric Corcoran, Posted in Technology Week in Review

Monday 3/28 CISA Adds 66 Known Exploited Vulnerabilities to Catalog CISA has added 66 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. https://bit.ly/3DkrkRH From the Shotgun Approach to Triple Extortion: The Evolving Ransomware Threat (Fortinet) Although overall ransomware remains a top concern, there ar... read more.

• April 01, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 3/21 Cloud Services Under Attack: Closing the Virtual Open Doors to Cyber Crime (Check Point) Tightening cloud security isn’t just about having the right products and services in place, it’s also about nurturing a security-first mentality within an organization as a whole. https://bit.ly/3Jx1Ov8 What Is a Botnet? Definition and Prevention (Varonis) Botnets can be used in other ways and have been known to be leveraged by criminal hacker groups to steal data and further compromise othe... read more.

• March 25, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 3/14 A Defense-in-Depth Strategy to Phishing Prevention (Proofpoint) As the threat landscape continues to evolve, organizations need to invest in multilayered defenses to stop threats that target people. It’s important to shift budgets as necessary to the threats causing the greatest risk and impact to organizations. https://bit.ly/3JbfonH Key Findings from the 2H 2021 FortiGuard Labs Threat Report (Fortinet) The 2021 threat landscape presented several new challenges for security teams. Bu... read more.

• March 18, 2022

By Nancy Rand, Posted in Security

The PCI Council published a blog announcing the coming of PCI DSS version 4.0 at the end of March 2022 https://blog.pcisecuritystandards.org/countdown-to-pci-dss-v4.0. The blog contains a PCI DSS Version 4.0 Implementation timeline. The new standard document, the Summary of Changes v3.2.1 to 4.0 will be released along with the Report on Compliance ROC Template and Attestations of Compliance AOC documents at the end of March 2022. The Self-Assessment Questionnaires SAQs will be available shortly after. Tr... read more.

• March 17, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 3/7 Your Blueprint to Implement an Insider Threat Management Program (Proofpoint) Organizations need to adopt a new mindset to efficiently adapt to this new normal, one that enables a transformation of their insider threat management strategies. It starts by understanding the insider threat risk. https://bit.ly/3vH3Jcl Service Continuity in Citrix Cloud: A recipe for resiliency Citrix admins can put service continuity to the test and proceed with enabling it in their production environment. If y... read more.

• March 11, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 2/21 Simplify IT administration with Workspace Environment Management (Citrix) The Scripted Task solution in Workspace Environment Management (WEM) helps to simplify the management of your daily tasks through these scripts, ensuring the security of the scripts you’re deploying and running without adding complexity to your day. https://bit.ly/3InrfyJ 6 Ways Big Data Analytics Can Drive Down Costs (Pure Storage) More businesses are using big data to cut costs and increase profits. It’s... read more.

• March 04, 2022

By Michael Hawkins, Posted in Security

 All organizations have edge firewalls. Alas, they also operate firewall policies that are usually far too open and permissive. Current world events being what they are, now is an urgent time to check your edge security. Accordingly, Gotham Technology Group has prepared a ten step program to help you achieve a fully secured edge. Do not allow the Internet to access dangerous protocols in your environment. Close ports that are not needed and seriously consider closing ports that may seem to be needed... read more.

• March 02, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 2/14 Identify and Investigate Business Email Compromise (BEC) Scams (Varonis) According to the FBI's recent IC3 report, Business Email Compromise was responsible for causing over $1.8 billion worth of losses to businesses in 2020, which greatly exceeds the losses attributed to other more publicized forms of cybercrime like ransomware ($29 million). https://bit.ly/350pUPy Cyber Operational Collaboration Is Key for the “Next Log4j” Response (Palo Alto Networks) A quick glance at cybers... read more.

• February 18, 2022

By Eric Corcoran, Posted in Technology Week in Review

Monday 2/7 New FortiGate 3000F Series Secures Digital Acceleration for Hybrid IT (Fortinet) The FortiGate 3000F is the latest addition to the NGFW portfolio, designed to help customers secure today’s hybrid IT campus and data center architectures. https://bit.ly/3GrL4Db Citrix EPA issue with Chrome/Edge 98 – Fixed with Microsoft Endpoint Manager Due to a new security feature in both Chrome and Edge version 98 (they both share the Chromium code), EPA (Endpoint Analysis) will no longer launch... read more.

• February 11, 2022

By Brian Wagner, Posted in Support

Due to a new security feature in both Chrome and Edge version 98 (they both share the Chromium code), EPA (Endpoint Analysis) will no longer launch through the browser. Citrix released this article: EPA fails after Chrome/Edge version 98 upgrade (citrix.com) The article states that the work around is to add your gateway FQDN to the “InsecurePrivateNetworkRequestsAllowedForUrls” policy for both Chrome and Edge. While this sounds easy enough, the change needs to be made on a remote machine (pre... read more.

• February 07, 2022