Blog

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/11 Microsoft and F5: Together Addressing Secure Remote Access and Productivity (F5 Networks) F5 BIG-IP APM and Azure Active Directory simplify the user experience for application access by enabling users to log in once and access all applications they have the right to access, from a single location. https://bit.ly/2zuVdC0 We Are Excited to Announce the Acquisition of The Defence Works (Proofpoint) The Defence Works’ award-winning content will be integrated into our broader Proofpoint Se... read more.

  • May 15, 2020

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/4 FlashBlade 3.0: The Solution for Modern Unstructured Data (Pure Storage) FlashBlade uniquely solves for multi-dimensional performance, agility, and simplicity with the efficiencies of public cloud, but in your data center. https://bit.ly/2xu9vCi CursedChrome turns your browser into a hacker's proxy Once the attacker has connected to an infected host, they can then navigate the web using the infected browser, and by doing so, hijack logged-in sessions and online identities to access forbidden... read more.

  • May 08, 2020

By Eric Corcoran, Posted in Technology Week in Review

Monday 4/27 Beware of the GIF: Account Takeover Vulnerability in Microsoft Teams (CyberArk) Attackers could have used a malicious GIF to scrape user’s data and ultimately take over an organization’s entire roster of Teams accounts. https://bit.ly/2VHzxeB Cisco and Google Cloud Partner to Bridge Applications and Networks: Announcing Cisco SD-WAN Cloud Hub with Google Cloud This automated solution will ensure that applications and enterprise networks will be able to share service-level agreem... read more.

  • May 01, 2020

By Eric Corcoran, Posted in Technology Week in Review

Monday 4/20 Coronavirus update: as economic stimulus payments start to flow, cyber-attackers want to get their share too (Check Point) Users that visit these malicious domains instead of the official Government websites risk having their personal information stolen and exposed, or payment theft and fraud. https://bit.ly/3eBlhf6 Zero Trust, SASE-Digital Enablers or Adding Complexity to Cyber Ecosystems (McAfee) The reality is they [Zero Trust and SASE] are built upon a similar foundation of least privil... read more.

  • April 24, 2020

By Eric Corcoran, Posted in Technology Week in Review

Monday 4/13 Gotham COVID-19 Update https://bit.ly/2RxqP02 NIST SP 800-53 Revision 5 Public Draft Available for Review and Comment NIST is separating the controls catalog from the control baselines-SP800-53 Controls catalog, which will be online, and SP800-53B “bravo” Controls Baselines. https://bit.ly/3c9lFzm Cloud Security for Rapidly Increasing Remote Work (Fortinet) Many corporate resources, especially at the core network, were not designed for this sudden load of connections and traff... read more.

  • April 17, 2020

By Gotham, Posted in Infrastructure, Security, Staffing, Support

Gotham Community, It’s been three weeks since New York State issued lockdown orders and four weeks since we enacted our work from home protocol in response to the COVID-19 pandemic. I hope this note finds you all sheltering in place and that you and your families are safe. What follows is a brief update on our current capabilities and procedures. We are serving all of our clients remotely and are pleased to report no impact on our ability to fulfill client requirements and meet our service level ag... read more.

  • April 13, 2020

By Gotham, Posted in Infrastructure, Security, Staffing, Support

Gotham Community, It’s been three weeks since New York State issued lockdown orders and four weeks since we enacted our work from home protocol in response to the COVID-19 pandemic. I hope this note finds you all sheltering in place and that you and your families are safe. What follows is a brief update on our current capabilities and procedures. We are serving all of our clients remotely and are pleased to report no impact on our ability to fulfill client requirements and meet our service level ag... read more.

  • April 13, 2020

By Nancy Rand, Posted in Security

NIST has released SP 800-53 Revision 5 Public draft for review and comment. https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/draft NIST is separating the controls catalog from the control baselines-SP800-53 Controls catalog, which will be online, and SP800-53B “bravo” Controls Baselines. The following are available at https://go.usa.gov/xdevj Draft SP 800-53 Revision 5 Summary of Changes from Revision 4 Comment Template Open Security Control Assessment Language (XML, JSON, YAML)... read more.

  • April 10, 2020

By Nancy Rand, Posted in Security

Today’s privacy laws and regulations require privacy by design and by default for systems, networks, and applications. ISACA is creating a Privacy Certification. The certification targets IT professionals that implement defenses. It is intended to assess an individual’s ability to design and implement privacy by design. The work is for cross-functional design work and expected to bridge legal and technical functions. These individuals will work with operations, systems, security, application an... read more.

  • April 10, 2020

By Michael Hawkins, Posted in Security

Recent events have compelled companies to support staff members working from home. Some aspects of working from home have similarities to mobile remote staff. But there are distinct differences that need to be taken into account due to the elevated risks that working from home networks present. The risks are human and technological in nature. Let’s review some of each. SECURING THE HOME NETWORK Severe vulnerabilities exist in low-cost consumer routers. Therefore, it is necessary to examine the make... read more.

  • April 10, 2020