Blog

By Eric Corcoran, Posted in Technology Week in Review

Monday 2/17 The 2020 State of App Services: Apps, Automation, and Architectures (F5 Networks) The rise of cloud-native architectures should not be taken lightly. Their impact on everything from adoption of automation to the deployment of app services is not trivial. http://bit.ly/37CVnme Increasing Visibility Into Network and Application Performance is Key to Driving Business Innovation (Riverbed) Seven in ten C-Suite decision makers (70%) believe business innovation is  driven by improved visibil... read more.

• February 21, 2020

By Eric Corcoran, Posted in Technology Week in Review

Monday 2/10 A Queen’s Ransom: Varonis Uncovers Fast-Spreading “SaveTheQueen” Ransomware During our investigation, we found that the attacker used the SYSVOL share on the customer’s domain controller to help spread the malware and track infections. The attacker had likely obtained and used domain admin privileges to write files to SYSVOL. http://bit.ly/2vprM2b Facebook is Most Imitated Brand for Phishing Attempts: Check Point Research’s Q4 2019 Brand Phishing Report This re... read more.

• February 14, 2020

By Ken Phelan, Posted in Uncategorized

Game theorists like to look at game play as a way of modeling human behavior. One of their favorite games is called the prisoner’s dilemma. You’ve probably heard of it. In summary, it goes like this: You and a partner commit a crime. You’re not caught in the act, but the police bring you both downtown for questioning. The police put you in separate rooms and question you. At this point, the following outcomes are possible: Option 1 - You both keep quiet and each spend one year in jail... read more.

• February 12, 2020

By Eric Corcoran, Posted in Technology Week in Review

Monday 2/3 Ransomware Meets Its Match With Automated Cyber Defenses (Varonis) Ransomware ain’t going away. After a dip in activity, 2019 saw a breath-taking spike — a 500% increase from the previous year — in ransomware victims, including over 700 health care providers, 100 state and municipal government agencies, and 80 universities and colleges. http://bit.ly/2OoW9N1 Increase in Emotet Spam Observed, Blocked by Symantec As Emotet activity increased, Symantec blocked as many as 1 mil... read more.

• February 07, 2020

By Eric Corcoran, Posted in Technology Week in Review

Monday 1/27 Fortinet removes SSH and database backdoors from its SIEM product Fortinet has released patches this month to remove two backdoor accounts from FortiSIEM, the company's Security Information and Event Management (SIEM) product. Due to the sensitive nature of the data processed by a SIEM product and its central role in a company's cyber-security defenses, any backdoor mechanism in these systems is considered a dangerous and highly critical vulnerability. https://zd.net/38Mi3Sf Old Scams Gettin... read more.

• January 31, 2020

By Eric Corcoran, Posted in Technology Week in Review

Monday 1/20 Vulnerability Update: First permanent fixes available, timeline accelerated Gotham’s Professional Services team is actively remediating the Citrix ADC vulnerability. If you are running versions 11.1 or 12, there is new firmware available to apply. The process can typically be completed within two hours with a minimum of downtime in an HA configuration. Other versions of NetScaler firmware still need to apply the available mitigation. Gotham NetScaler Managed Services customers are being... read more.

• January 24, 2020

By Eric Corcoran, Posted in Technology Week in Review

Monday 1/13 Recommended connectivity for virtual apps and desktops in the cloud (via Citrix) Reliable, secure, high-performance network connectivity with QoS is critical to providing a great user experience with virtual apps and desktops, and Citrix SD-WAN offers unique integration with Citrix Virtual Apps and Desktops to deliver exactly that and more. http://bit.ly/388gH3X IGEL Trends 2020: All Signs Point to Desktop-as-a-Service (via IGEL) The cloud is no longer a trend, it’s there, and we must... read more.

• January 17, 2020

By Timothy Karl, Posted in Infrastructure, Security

Microsoft Windows 7 and Windows Server 2008 reached end of life on January 14, 2020. This means that Microsoft will no longer be releasing free security patches, updates, or support when something goes wrong. Although these operating systems won’t instantly stop working or become security risks overnight, there are risks with staying on these operating systems for an extended period of time. What happens if I stay on these operating systems? There is a huge risk of being exploited by cyber crimina... read more.

• January 16, 2020

By Timothy Karl, Posted in Infrastructure, Security

On December 17, 2019, Citrix released a critical advisory regarding a vulnerability that allows for remote code execution: CVE-2019-19781 - Vulnerability in Citrix Application Delivery Controller and Citrix Gateway (https://support.citrix.com/article/CTX267027). The vulnerability exploits a directory traversal attack on the /vpn directory on the NetScaler. It allows for remote execution of code under the user nobody. Gotham previously alerted customers to this vulnerability. Citrix plans to release a perma... read more.

• January 15, 2020

By Ed Bratter, Posted in Infrastructure, Security

Perhaps one of the most popular features of Exchange is the ability to connect Outlook running on a PC to Exchange over the Internet when outside the corporate network without the need to establish a VPN connection. This feature was introduced with Exchange 2003 and is called Outlook Anywhere. Of course, convenience always comes at a price: once enabled, Outlook Anywhere allows anyone with Outlook to connect to Exchange from any PC regardless of who owns it. Many organizations want or need to restrict Outlo... read more.

• January 10, 2020