I learned to drive “on the wrong side of the road” on a Monday morning in downtown London. I hit my first object in about 50 feet when I ran over the cross beam of a crowd fence and it bounced up and tapped my car. It was scary, but I eventually got to the […]
Late in the afternoon on a Friday, I created a bit of a scare for those of you who are part of our Paladin Sentinel monitoring system. I was doing my due diligence removing a monitoring policy we experimented with after our last major system upgrade, but didn’t provide any value to us or you.
We have recently been approached by many school districts to talk to their district office staff and in some instances their faculty about phishing and security as it relates to money and personally identifiable information (PII). These have been in the form of either special in-service training for district office/business office staff or as part […]
If you subscribe to our Paladin Sentinel monitoring service, hopefully, you know that either myself or one of our technical staff actively sweeps through the monitoring consoles sometime between 6 am to 7 am with the goal of identifying any major issues such as site, building or device down before 7 am.
Occasionally the SentinelOne agents included in our CSEDR offering are operating but show a red “x” denoting that the agent is operational, but not visible to the main SentinelOne console. SentinelOne has updated their agents to better explain why they are not communicating.
We all understand the scourge of Ransomware. It is debilitating. Even in the best case, it consumes a huge amount of time to recover. However, now the bad guys are getting even more nasty. They want their money. If you decide you can recover or don’t care, they get nothing.
“You don’t have to run faster than the bear to get away. You just have to run faster than the guy next to you.” ― Jim Butcher Recently we had the former White House Chief Information Security Officer (CISO) on our webinar talking about the Ukrainian war and its impact on us.
I was watching a panelist discussion post-mortem discussing firsthand knowledge of 25 major ransomware-style breaches. One of the panelists was an award-winning, ex-NSA offensive hacker. One item that was stressed as a common theme across many breaches was credential theft being the number one way bad people get into the network.
Last weekend my youngest daughter started a new baton program on Saturday mornings. Sitting there I realized I have been taking at least one of my four daughters to baton for the last 22 years across two different teams in two different towns.
How do you intend to block lateral movement if an attacker has made it into your network? In looking at recent ransomware attacks there are some consistent attack vectors used for lateral movement that are almost always exploited.