We have a new technology coming online with all the popular web browsers.  It is called DNS over HTTPS or DoH.   The concept is instead of using your internal DNS to resolve web pages, the web browser goes back to an external DNS site to resolve the page.

We all understand the scourge of Ransomware.   It is debilitating.   Even in the best case, it consumes a huge amount of time to recover.  However, now the bad guys are getting even more nasty.   They want their money.   If you decide you can recover or don’t care, they get nothing.

  “You don’t have to run faster than the bear to get away. You just have to run faster than the guy next to you.” ― Jim Butcher Recently we had the former White House Chief Information Security Officer (CISO) on our webinar talking about the Ukrainian war and its impact on us.

It is already a weird summer for me. I normally go to Acadia National Park right about now and enjoy the Maine weather. (It is so weird that NY has Maine weather so far). Instead of my normal summer routine, this year I am moving one of my daughters into the University of Alabama at […]

I was watching a panelist discussion post-mortem discussing firsthand knowledge of 25 major ransomware-style breaches. One of the panelists was an award-winning, ex-NSA offensive hacker.  One item that was stressed as a common theme across many breaches was credential theft being the number one way bad people get into the network.

  Cyber Security has grown into an issue that needs to be addressed by everyone in a school district, not just by the Director of IT. To that end, we are starting a weekly bulletin series aimed at helping School Business Officials, who generally own the district’s risk management responsibility, become more knowledgeable about the […]

  In August of 2021, CISA added “Single Factor Authentication” to its list of practices it considers “exceptionally risky” as it exposes you to an “unnecessary risk from threat actors”. Your district auditors and the NYS Comptroller’s Office technology auditors are most likely pestering you about your multi-factor authentication (MFA) strategies and beginning to ding […]

  Last weekend my youngest daughter started a new baton program on Saturday mornings. Sitting there I realized I have been taking at least one of my four daughters to baton for the last 22 years across two different teams in two different towns.

  How do you intend to block lateral movement if an attacker has made it into your network? In looking at recent ransomware attacks there are some consistent attack vectors used for lateral movement that are almost always exploited.

  I am sitting here at 6 am doing the morning review of all our Paladin Sentinel Monitoring school districts. The storm came overnight and there are lots of noisy UPSes, but thankfully it is a pretty boring morning. Boring is good.