Resources

VMware has published a security advisory regarding a critical out-of-bounds write vulnerability (CVE-2023-34048) that has been fixed in the latest updates released by VMware. The vulnerability shared in this Cybersecurity Threat Advisory has received a critical severity rating by VMware.

I learned to drive “on the wrong side of the road” on a Monday morning in downtown London.   I hit my first object in about 50 feet when I ran over the cross beam of a crowd fence and it bounced up and tapped my car.   It was scary, but I eventually got to the […]

Late in the afternoon on a Friday, I created a bit of a scare for those of you who are part of our Paladin Sentinel monitoring system.  I was doing my due diligence removing a monitoring policy we experimented with after our last major system upgrade, but didn’t provide any value to us or you.

We have a new technology coming online with all the popular web browsers.  It is called DNS over HTTPS or DoH.   The concept is instead of using your internal DNS to resolve web pages, the web browser goes back to an external DNS site to resolve the page.

We all understand the scourge of Ransomware.   It is debilitating.   Even in the best case, it consumes a huge amount of time to recover.  However, now the bad guys are getting even more nasty.   They want their money.   If you decide you can recover or don’t care, they get nothing.

  “You don’t have to run faster than the bear to get away. You just have to run faster than the guy next to you.” ― Jim Butcher Recently we had the former White House Chief Information Security Officer (CISO) on our webinar talking about the Ukrainian war and its impact on us.

I was watching a panelist discussion post-mortem discussing firsthand knowledge of 25 major ransomware-style breaches. One of the panelists was an award-winning, ex-NSA offensive hacker.  One item that was stressed as a common theme across many breaches was credential theft being the number one way bad people get into the network.

  “None shall pass” -The Black Knight “Monty Python and the Holy Grail” Today I would like to challenge you to “test two aspects of your network backups. Most of you have never done this because yPreview (opens in a new tab)ou are “too busy putting out fires”. It is summer.

  A few years ago, in a Tech Talk I talked about a major college that suffered a complete network lockout due to a soda machine that introduced malware into the network that sought out all the default passwords on their devices and locked out an estimated 5,000 devices that each had to be manually […]

“Treat your password like your toothbrush. Don’t let anyone else use it and change it every six months” -Clifford Stoll Password security is always on our minds. The NYS Comptroller’s Office technology audits love to list this in audit reports as an area that needs improvement.