Reactive security practices will only get you so far. rmsource will be the first to tell you that a strong prevention (not detection) strategy is the best foundation for any cyber security practice. In order to stand a fighting chance against today’s threat actors and the staggering volume of attacks, dynamic prevention must be incorporated…
Our table-stakes checklist to protect your network from threat actors
Due to recent tensions between the United States and Iran, the DHS/US Government as well as other 3rd party intelligence sources and security manufacturers, have issued alerts and recommendations for heightened cyber activity by Iranian threat actors. The Cybersecurity and Infrastructure Security Agency (CISA) issued an announcement providing guidance specific to Adversarial Tactics and Techniques (Mitre ATT&CK Framework)…
Keys to protect your organization from cybersecurity attacks
Recently, Mark Outlaw, our CEO, and I participated on a panel for Check Point on the topic of cybersecurity threats and protections. While sharing insights with the group of IT leaders and infosec experts, we were able to raise some key reminders for protecting your organization — no matter the size or sector. The most important…
Expected Release: DDoS Protection for Microsoft Azure Government Cloud Virtual Networks
For those on the Azure Government Cloud, we’re expecting to see an announcement from Microsoft in the next 60 days (or so) regarding the release of the Azure Distributed Denial of Service (DDoS) built-in protections. Back in May, the general availability of DDoS for the Azure Cloud was released – offering a no cost basic plan that includes always-on traffic monitoring,…
Microsoft Announces General Availability of Azure DDoS Protection for Virtual Networks
While Distributed Denial of Service (DDoS) attacks are not new, they are one of the top availability and security concerns for companies considering a transformation to the cloud. We’re seeing increases of type, scale, and frequency of occurrence as they are relatively easy and cheap to launch and often are motivated by extortion or hacktivism….
InfoSec Alert – GDPR Phishing Campaigns
Several reports have recently emerged of email phishing campaigns attempting to lure business personnel to websites soliciting business and personal financial information. These messages include some wording demanding the recipient urgently take some action such as clicking a link and entering information in order for the purported sender to update their records. This latest campaign…
InfoSec Alert – CPU Vulnerabilities
Recently discovered speculative execution side-channel vulnerabilities make it possible for threat actors to fetch memory content across trust boundaries, leading to disclosure of sensitive data such as passwords, keys, tokens, etc. While this flaw is web-enabled and exploitable through Mozilla Firefox and MS Internet explorer, webservers, CDNs etc., there is no known exploit in the…
Wi-Fi Security Vulnerability – Update
Please note, attacks can be performed against clients and network infrastructure components. It is critical to update both client devices and wireless infrastructure. Affected/Notified Vendors and Manufactures: CERT Vendor Information for VU#228519 https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4 Manufacture Bulletins: Microsoft Corporation Updates available – Silent release in Oct 10th patch https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080 Cisco Updates available for specific hardware and IOS…
InfoSec Alert – WPA2 Protected Access
“An attacker within the wireless communications range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocol being used. Impacts may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast, broadcast, and multicast frames.” https://www.kb.cert.org/vuls/id/228519 The…
Hurricane Harvey Phishing Scam
US-CERT warns users to remain vigilant for malicious cyber activity seeking to capitalize on interest in Hurricane Harvey. Users are advised to exercise caution in handling any email with subject line, attachments, or hyperlinks related to Hurricane Harvey, even if it appears to originate from a trusted source. Fraudulent emails will often contain links or…