In February of 2020, Cisco released a multitude of patches related to Cisco CDP vulnerabilities. If you did not already know CDP stands for Cisco Discovery Protocol, and pretty much every Cisco product ever from switches to routers to phones to security cameras uses it in some way shape or form. What is CDP? Cisco […]
CVE-2019-19781 Impacts Citrix ADC and Citrix Gateway Devices: What You Need to Know
In December of 2019, a vulnerability was found in the Citrix Application Delivery Controller (Citrix ADC) and the Citrix Gateway. These products were both formerly known under the NetScaler name. This Vulnerability has been widely discussed in both the Citrix and Information Security communities. According to NIST, the severity of this vulnerability is Critical. What […]
2019 Ransomware in Review
Who doesn’t love ransomware? Today we are going to talk about a couple of variants of ransomware that hit unsuspecting organizations in 2019. If you haven’t heard of ransomware before, let’s start with a small reminder of what ransomware is. What is Ransomware? Ransomware is a type of malware that simply holds your systems ransom, […]
All About Microsoft Defender ATP for Mac
Apple computers have steadily become more prevalent in the enterprise over the years. Love them or hate them, Macs are here to stay in your organization’s IT environment. Whether they are there due to business requirements, the rise of BYOD, or to just provide choice for your employees, managing them securely is essential. This is […]
Cool New Windows 2019 Features
After a rocky start in October due to a bad Windows Update that impacted the brand new Windows 2019 platform, Windows 2019 is available and being deployed. With every new Windows version comes a host of new features and functionality. Let’s take a look at some of the coolest new features in Windows 2019, broken […]
Your Guide to Secure Web Browsing
For as long as many of us can remember we have been starting our World Wide Web journeys by typing http://. If you have not already noticed, many sites now require https:// to access them. As a refresher, recall that HTTP actually stands for hyper text transfer protocol, and when we add an S on […]
Interactive Learning on AWS by Finding flAWS
Learning about security is something that is, or should be, on everyone’s todo list. As we look to the public cloud for new ways to deploy and manage infrastructure, we also have to look at how new security models and procedures have to come along with it. An interesting way to make this easier and […]
User Behavior Analytics for the Individual Cloud User
In a recent conversation with a colleague in the UK, Johan Dreyer, (Mimecast Email Security Director); we discussed an interesting angle on the future of data security for the individual user. That of utilizing User Behavior Analytics (UBA) as a means of protection from impostor access. The Real Enterprise Problem Often times we think of […]
Securing the Internet of Things
Just about everything has the potential to be Internet connected these days. Your watch, your car, your refrigerator, your house, the list is endless. This also goes far beyond the things we’re used to connecting to the Internet such as computers, phones, and cameras. The term Internet of Things, or IoT, has been coined over […]
Breaking Things at Def Con to Harden Security Awareness
Next week I’m attending Def Con 24.Work isn’t sending me; I’m taking vacation to go with my friends. Because that is what nerds do. Def Con is something I’m doing for my own professional development (and enjoyment!). One of the hottest topics in cloud these days is cybersecurity. There’s good reason for that: ransomware is […]