Blog
Alert icon

Identities and Vulnerabilities 

The Cybersecurity and Infrastructure Security Agency (CISA), a part of the Department of Homeland Security, has issued Analysis Report (AR20-268A) on Thursday September 24th, 2020. The report states that CISA became aware of a potential compromise of, as of now, an unnamed federal agency’s network. Through collaboration with the affected agency, CISA was able to […]

Alert icon

Domain Controllers Are At Risk With Zerologon

Back in August of 2020, a pretty big bug/vulnerability was being addressed by Microsoft with a 2-phase deployment. The first as a temporary fix and the second coming this February (2021) to wrap it up. The bug has gathered popularity due to code that demonstrates how to exploit unpatched systems has been released into the […]

Alert icon

ALERT: Citrix ADP, Gateway and SD-WAN WANOP Vulnerabilities

Citrix published Security Bulletin CTX276688 on July 7, 2020 covering vulnerabilities recently discovered in Citrix ADC (formerly known as Netscaler ADC), Citrix Gateway (formerly known as Netscaler Gateway) and  SD-WAN WANOP. The vulnerabilities have been identified, with an increased risk of systems compromise and information disclosure, as well as the potential for unauthorized privilege elevation, […]

Shadow IT – What You Need To Know

Shadow IT – What You Need To Know

When I first heard the term “Shadow IT”, I had just finished watching Batman Begins, so the first thing that came to mind was a group of super villainous techies working for the League of Shadows, trying to collapse society one network at a time. The true definition of Shadow IT isn’t  anywhere near as […]

EDCi Announces Managed Security Services Partnership With RedLegg

EDCi Announces Managed Security Services Partnership With RedLegg

  Appleton, WI – December 6, 2017–  EDCi, a full-service technology and communication solutions provider has announced a partnership with RedLegg, a global provider for managed and cybersecurity services. RedLegg provides a Channel Partner Program with comprehensive advisory solutions for real-world data protection and security challenges. Three core service offerings are Advisory which includes, Virtual […]

Why Firewalls Need Constant Refreshing… And Having Your Engineers and Your Business Take Ownership!

Why Firewalls Need Constant Refreshing… And Having Your Engineers and Your Business Take Ownership!

I had a discussion recently with a customer regarding firewall “ownership”.  Not which group owns the firewall (typically network, firewall or security) but actually taking ownership of the access rules within the firewall.  Sounds pretty boring, huh? Perhaps, but it is one of the most critical components your company can have in a layered security […]

How Adam Sandler Can Enlighten Us on Risk Management

How Adam Sandler Can Enlighten Us on Risk Management

Feeling a touch nostalgic last night, I listened to Adam Sandler’s 1993 comedic album, “They’re All Going to Laugh at You”.  The title purportedly comes from a repeated phrase in the 1976 horror movie Carrie. On the album, Sandler’s character keeps screaming, “Nooooo!! They’re all going to laugh at you!!” much to the anger and […]

Why A SIEM Platform is Critical to Every Organization

Why A SIEM Platform is Critical to Every Organization

One of the most intensive and time consuming processes that any security engineer tackles is trying to put together the pieces of an attack lifecycle. From the endpoint analysis to the detection capabilities on the network devices, tracing an incident throughout your organization requires advanced technical skills and a solid methodology from the security analyst.  […]

Moving Beyond the FUD Factor

Moving Beyond the FUD Factor

“If the world would be perfect, it wouldn’t be” ~ Yogi Berra Likewise, so are the actions of some information security practitioners. Have you ever spoken to an information security practitioner who loves to ring the alarm?  They tell everyone about the latest breaches and whose data was stolen, grumble about technology or processes that have […]

5 Phases of Ransomware Attacks

5 Phases of Ransomware Attacks

Ransomware is one of the most sinister threats out there for organizations because it is the most profitable type of malware attack. Once a cybercriminal hacks into a company’s files and encrypts them, organizations have little option but to pay the asking price for the code to decrypt and regain their original files. Understanding each […]