Blog

By Eric Corcoran, Posted in Technology Week in Review

Monday 9/14 Apps in the Firing Line: The Enduring Power of DDoS Attacks (F5) DDoS attacks have continued to evolve, grow teeth, and wreak havoc. This is particularly true in the wake of COVID-19, with a number of industry reports from the past two quarters highlighting significant spikes across the world. https://bit.ly/3ixLw7M When is the right time to upgrade your SQL Server? (Pure Storage) The best way to go about your SQL Server upgrade is to coordinate the timing of it to include the full stack, f... read more.

• September 18, 2020

By Eric Corcoran, Posted in Technology Week in Review

Tuesday 9/8 Proofpoint and CyberArk Extend Partnership to Further Safeguard High-Risk Users with People-Centric Protection The Proofpoint and CyberArk partnership features a combination of layered defenses designed to stop threats before they reach users and apply policies and controls that ensure privilege accuracy. https://bit.ly/3bKwuJe Attackers Steal Outlook Credentials Via Overlay Screens on Legitimate Sites The emails imitated the technical-support team of the employee’s company (with &ldq... read more.

• September 11, 2020

By Nancy Rand, Posted in Security

NIST and the PCI DSS Council have both published software development frameworks. PCI DSS published a blog today highlighting an interview between Kevin Stine, Chief of the Applied Cybersecurity Division at NIST and Troy Leach, SVP, Engagement Officer at PCI SSC.  This blog discusses the importance of secure software development and contains links to additional information. https://blog.pcisecuritystandards.org/nist-and-pci-ssc-find-common-ground-in-development-of-software-frameworks Additionally, Th... read more.

• September 11, 2020

By Eric Corcoran, Posted in Technology Week in Review

Monday 8/31 Policy Evasion: Evasive Techniques You Need to Understand to Prevent Breaches and Attacks (FireEye) In today’s world, security must be top of mind for everyone within an organization, and that means setting and adhering to cyber security policies are essential to preventing breaches and attacks. https://bit.ly/32Vhfcv What’s the problem with a VPN and a regular browser for remote access? (Citrix) Organizations can provide access to internal web apps and resources with a VPN and... read more.

• September 04, 2020

By Eric Corcoran, Posted in Technology Week in Review

Monday 8/17 Online and offsite: the future of training and consultancy? (F5) As offices gradually re-open across the world, the question arises of how many of our old working habits we will return to. http://f5so.co/70FD4B Forescout Sets a New Standard for Securing the Enterprise of Things The new integrations allow organizations to reduce attack surface, maintain compliance and minimize breach impact across IT, IoT, healthcare and operational technology (OT) environments. Continuous monitoring of segm... read more.

• August 21, 2020

By Eric Corcoran, Posted in Technology Week in Review

Monday 8/10 Cisco Completes Acquisition Of ThousandEyes Cisco's strength in network and application performance, combined with visibility into the internet enabled by ThousandEyes, now allows customers to have an end-to-end view into the digital delivery of applications and services over the internet. https://prn.to/3kxZ9VC An Exploration of Files and Objects for Data Storage (Pure Storage) Since files and objects are both important, widely used forms of data representation, supporting both in one syst... read more.

• August 14, 2020

By Eric Corcoran, Posted in Technology Week in Review

Monday 8/3 Citrix Commits To $1B Cloud Spend With Unnamed Provider Under the new multi-year agreement, Microsoft Azure – Microsoft’s cloud platform – will “a preferred cloud platform” for Citrix. Citrix will move its existing on-premises customers to Microsoft Azure to help enable their employees to work anywhere across devices, and the two companies will provide joint tools to facilitate the transition. https://bit.ly/3i3sJjM The Log Data Conundrum: How to Get it Right at... read more.

• August 07, 2020

By Eric Corcoran, Posted in Technology Week in Review

Monday 7/27 Distributed but Connected: Enabling today’s remote digital workforce (Citrix) As restrictions continue to ease, businesses can take a step back, work out their strategy, select the right partners, and ensure they are doing remote working in a way that empowers their employees to do their best work and that will be sustainable over the long term. https://bit.ly/2X0so9C FBI warns of new DDoS attack vectors: CoAP, WS-DD, ARMS, and Jenkins The purpose of the alert is to warn US companies... read more.

• July 31, 2020

By Eric Corcoran, Posted in Technology Week in Review

Monday 7/20 Cisco releases security fixes for critical VPN, router vulnerabilities Over this week, Cisco added its own contribution, with the networking giant releasing patches for 34 bugs, the most severe of which can be exploited to conduct remote code execution and privilege escalation attacks. https://zd.net/2OG41JV Check Point IoT Protect Uses Automation and Threat Intelligence to Prevent the most advanced IoT cyber-attacks Connecting IoT devices to your network extends the attack surface for cybe... read more.

• July 24, 2020

By Nancy Rand, Posted in Security

NIST published links to GDPR and ISO crosswalks to the NIST Privacy Framework. These are published by Microsoft (for ISO/IEC 27701) and the Enterprivacy Consulting Group (for the GDPR-Regulation 2016/679). https://www.nist.gov/privacy-framework/resource-repository/browse/crosswalks/gdpr-crosswalk-enterprivacy-consulting-group https://www.nist.gov/privacy-framework/resource-repository/browse/crosswalks/isoiec-27701-crosswalk-microsoft Each spreadsheet provides a mapping between the framework and the GDPR... read more.

• July 23, 2020