Blog

By Steve Gold, Posted in Security

One of my favorite scenes in Thor: Ragnarok was when Thor attempted to escape the junk planet. He made it to the Quinjet and tried many different activation codes (access) such as: "Thor", "Son of Odin," and "Strongest Avenger" (twice). None worked. It was only when he said “Point Break” did the Quinjet start. Point Break was the activation code that Tony Stark had assigned him back from the 2012 Avengers movie. Unauthorized access to sensitive information is one of the most significant threats... read more.

• October 10, 2023

By Timothy Karl, Posted in Infrastructure

Email-based discovery in the Citrix Workspace app allows users to setup Workspace using only their email address. The benefit of this feature is that a user does not have to enter or remember any server URLs to access their Citrix resources. All they need to do is enter their email address and the Workspace App will auto-configure itself. To configure this feature in traditional NetScaler Gateway and StoreFront deployments, an administrator would need to configure the following for each email domain: A... read more.

• September 29, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 9/25 10 Real-World Business Email Compromise (BEC) Scam Examples (Proofpoint) The FBI’s Internet Crime Complaint Center reports that businesses lost more than $2.7 billion to BEC scams in 2022. That’s more than one-quarter of all the cyber crime-related financial losses for that year. https://bit.ly/3RC1LVw What is Alert Deafness? (Check Point) The exponential increase in data processed by organizations means a rise in errors, failures, and vulnerabilities is expected. But with pings... read more.

• September 29, 2023

By Steve Gold, Posted in Security

One of the most famous wizards of all time, Harry Potter, learned that he was destined to attend Hogwarts School of Witchcraft and Wizardry on his 11th birthday. It was then that Harry acquired his first wand at Ollivanders shop in Diagon Alley. From the moment he received his first wand, Harry had to learn how to wield the power of his wand. Similarly, in the digital landscape, providing every user with administrator privileges is like handing them a wand without proper training. Just as aspiring wizards... read more.

• September 27, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 9/18 August 2023’s Most Wanted Malware: New ChromeLoader Campaign Spreads Malicious Browser Extensions while QBot is Shut Down by FBI (Check Point) Check Point Research reported on a new ChromeLoader campaign named “Shampoo” which targets Chrome browser users with malware-loaded fake ads. Meanwhile, the communications sector jumped up the list to the second most impacted industry over healthcare. https://bit.ly/3EKqbV6 5 Password Cracking Techniques Used in Cyber Attacks (Proofp... read more.

• September 22, 2023

By Carlo Costanzo, Posted in Infrastructure, Virtualization

Content Libraries For those entrenched in virtualization, vSphere's Content Libraries are no stranger. Despite their glaring advantages, the adoption rate has been sluggishly low, primarily because of traditionalist tendencies. Yes, you guessed it right, I'm talking about those dedicated LUNs still holding ISOs like it's 2005. I get it, it's comfortable to stick with what you know, but hear me out: Content Libraries in vSphere aren't just a fancier vessel for your ISOs. They are the bedrock for a more robu... read more.

• September 20, 2023

By Steve Gold, Posted in Security

If you’re a geek like me, you remember the above line from Star Wars Episode VI: Return of the Jedi where a strike team posing as an engineering crew gives a stolen (dormant) authorization code as they attempt to pass through a security checkpoint. The successful use of that dormant code allowed the rebels to take down the force field, fly inside the superstructure, knock out its main reactor, and destroy the Death Star. Dormant accounts are those virtual identities that lie idle, untouched, and unus... read more.

• September 19, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 9/11 New Perimeters—Identity Threats Are the New Attack Surface (Proofpoint) Cyber criminals can bypass standard perimeter defenses with minimal effort or technical know-how by targeting unmanaged and misconfigured identities. Service accounts, local and shadow admins and cached credentials often slip through the net of privilege and password security tools. https://bit.ly/488aQeF Purity//FA 6.4.10: NFS 4.1 Support and Ransomware Protection Enhancements (Pure Storage) The latest release of... read more.

• September 15, 2023

By Steve Gold, Posted in Security

If you’ve ever seen Jimmy Kimmel Live, I hope you’ve seen the “What’s your Password” skit. As funny, and as incredibly disappointing this is, it’s real life. We’re not in Kansas anymore folks. Many years ago, all we needed to do to protect our assets was lock our door. Now, our assets are spread across a virtual kingdom. Our online activities touch almost every aspect of our lives. From banking and shopping to work and communication, our digital presence is widespr... read more.

• September 13, 2023

By Eric Corcoran, Posted in Technology Week in Review

Tuesday 9/5 What Is Smishing and How Organizations Can Protect Themselves (Arctic Wolf) SMS (short messaging service) phishing or “smishing” is a common type of cyber attack where victims receive misleading text messages intended to trick them into providing credentials, access, valuable data, or even downloading malware onto a system. It is also called “cell phone phishing.” https://bit.ly/3fvq8nh The Evolution of Cybersecurity in Banking (Fortinet) As highlighted in recent rep... read more.

• September 08, 2023