Blog

By Steve Gold, Posted in Security

“Identity theft is not a joke, Jim.” If you’re not familiar with this reference, please DM me as we have much to discuss. For context, the line above is said by Dwight K. Schrute, a character played by Rainn Wilson in the TV series The Office. In this episode a colleague impersonates Dwight, causing the line above. Once again, Dwight highlights the importance of account/identity security within an organization without hiding weapons throughout the office. User and administrator accounts p... read more.

• September 06, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 8/28 Surge in Cybercrime: Check Point 2023 Mid-Year Security Report Reveals 48 Ransomware Groups Have Breached Over 2,200 Victims (Check Point) The key takeaway from CPR’s 2023 Mid-Year Security Report is that cybersecurity is a dynamic battlefield. It underscores the need for organizations to evolve their security strategies in tandem with the shifting threat landscape, employing a combination of the latest AI-driven defenses and a deep understanding of older vulnerabilities. https://bit.ly... read more.

• September 01, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 8/21 How to Protect Your Cloud Environment From Today’s Top 5 Threats (Varonis) Cloud environments are evolving quickly, and so are the threats looking to compromise them. No matter what the risk is or what the attack vector is, the goal is always the same: threats are after the data.  https://bit.ly/3qFixIk Five Things To Know About PCI DSS 4.0 Authentication Requirements (HYPR) PCI DSS 4.0, introduces more than 60 new or updated requirements, with new directives around passwords and... read more.

• August 25, 2023

By Carlo Costanzo, Posted in Infrastructure

In my opinion, home labs are awesome. One of the best ways for you to learn software is to actually run it in your house on a home lab and have the ability to test out solutions, features, upgrades, and break fixes without having to worry about impacting your user base at work. The major drawback in running a home lab is cost. Often times, the gear is expensive (even when purchased used) and the cost to power the lab can also be excessive. Sure, you can spin things up in the cloud, but for me, I find witho... read more.

• August 25, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 8/7 Prevention Is the Best Preparation for the SEC’s New Breach Disclosure Rules (CrowdStrike) The U.S. Securities and Exchange Commission (SEC) this week voted to adopt new rules for how companies inform investors about cybersecurity concerns. The vote comes after years of gradually increasing guidance and scrutiny over companies’ handling of cybersecurity events. https://bit.ly/3qeR0NR The 8 Stages of the Ransomware Attack Chain (Proofpoint) Although attackers may be constantly fin... read more.

• August 18, 2023

By Carlo Costanzo, Posted in Infrastructure

Sometimes with VMware solutions, you need to install a custom vSphere Installation Bundle (VIB). There are VIBs for Nvidia GPUs, storage VIBs, and many others. In this post, let’s talk about how you can use Lifecycle Manager to install VIBs, rather than messing around with the Command Line as most of the instructions would have you do. What is a VIB? A VIB is a package containing software that you can install on a VMware ESXi host. It is typically a ZIP file containing the kernel modules, scripts, a... read more.

• August 16, 2023

By Steve Gold, Posted in Security

If you ever played the massively multiplayer online role-playing game (MMORPG) World of Warcraft, you entered a fantastical world where you create a character, embark on quests, and explore vast virtual landscapes. In the early days of "World of Warcraft," the default account for players was the "Guest" account. The account had limited capabilities and was mainly meant for players who were trying out the game before subscribing to a full account. Not surprisingly, some players discovered that the "Guest" a... read more.

• August 16, 2023

By Steve Gold, Posted in Security

If you were lucky enough to watch Mr. Robot (no judgement here, please!), you learned some valuable lessons on implementing robust security measures and seeing how they can be compromised. In this blog, we will explore how the show's character, Tyrell Wellick, exemplifies secure asset and software management through version-controlled-infrastructure-as-code and accessing administrative interfaces via Secure Shell (SSH) and Hypertext Transfer Protocol Secure (HTTPS). SSH provides a secure and encrypted mean... read more.

• August 08, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 7/31 Making Zero Standing Privileges a Reality (CyberArk) The most significant change in the lifespan of identity security thus far is zero standing privileges (ZSP). Considered to be the next evolution of just-in-time (JIT) access, although it may seem needlessly complex at first, once you wrap your head around the concept, it feels as natural as turning off lights when you leave a room. https://bit.ly/457DKZX Build Strong, Secure Browsing Habits During—and Before—Cybersecurity Aware... read more.

• August 04, 2023

By Steve Gold, Posted in Security

Many homeowners invest in home security systems to protect their property and loved ones. These systems often include components such as alarms, surveillance cameras, and access control measures. They act as a deterrent against intruders and provide peace of mind by ensuring the safety and security of the household. Similarly, implementing and managing a firewall on end-user devices can be compared to having a personal security system for digital devices. A firewall acts as a digital barrier, monitoring an... read more.

• August 01, 2023