The Cybersecurity and Infrastructure Security Agency (CISA), a part of the Department of Homeland Security, has issued Analysis Report (AR20-268A) on Thursday September 24th, 2020. The report states that CISA became aware of a potential compromise of, as of now, an unnamed federal agency’s network. Through collaboration with the affected agency, CISA was able to […]

Back in August of 2020, a pretty big bug/vulnerability was being addressed by Microsoft with a 2-phase deployment. The first as a temporary fix and the second coming this February (2021) to wrap it up. The bug has gathered popularity due to code that demonstrates how to exploit unpatched systems has been released into the […]

Citrix published Security Bulletin CTX276688 on July 7, 2020 covering vulnerabilities recently discovered in Citrix ADC (formerly known as Netscaler ADC), Citrix Gateway (formerly known as Netscaler Gateway) and  SD-WAN WANOP. The vulnerabilities have been identified, with an increased risk of systems compromise and information disclosure, as well as the potential for unauthorized privilege elevation, […]

When I first heard the term “Shadow IT”, I had just finished watching Batman Begins, so the first thing that came to mind was a group of super villainous techies working for the League of Shadows, trying to collapse society one network at a time. The true definition of Shadow IT isn’t  anywhere near as […]

  Appleton, WI – December 6, 2017–  EDCi, a full-service technology and communication solutions provider has announced a partnership with RedLegg, a global provider for managed and cybersecurity services. RedLegg provides a Channel Partner Program with comprehensive advisory solutions for real-world data protection and security challenges. Three core service offerings are Advisory which includes, Virtual […]

I had a discussion recently with a customer regarding firewall “ownership”.  Not which group owns the firewall (typically network, firewall or security) but actually taking ownership of the access rules within the firewall.  Sounds pretty boring, huh? Perhaps, but it is one of the most critical components your company can have in a layered security […]

Feeling a touch nostalgic last night, I listened to Adam Sandler’s 1993 comedic album, “They’re All Going to Laugh at You”.  The title purportedly comes from a repeated phrase in the 1976 horror movie Carrie. On the album, Sandler’s character keeps screaming, “Nooooo!! They’re all going to laugh at you!!” much to the anger and […]

One of the most intensive and time consuming processes that any security engineer tackles is trying to put together the pieces of an attack lifecycle. From the endpoint analysis to the detection capabilities on the network devices, tracing an incident throughout your organization requires advanced technical skills and a solid methodology from the security analyst.  […]

“If the world would be perfect, it wouldn’t be” ~ Yogi Berra Likewise, so are the actions of some information security practitioners. Have you ever spoken to an information security practitioner who loves to ring the alarm?  They tell everyone about the latest breaches and whose data was stolen, grumble about technology or processes that have […]

Ransomware is one of the most sinister threats out there for organizations because it is the most profitable type of malware attack. Once a cybercriminal hacks into a company’s files and encrypts them, organizations have little option but to pay the asking price for the code to decrypt and regain their original files. Understanding each […]