Teamwork for the Win: A Technical Breakdown and Response to the Kaseya Attack
On Friday, July 2, the cybercartel REvil launched a supply chain attack on Kaseya VSA servers that reached scores of Managed IT Service Providers (MSPs), hundreds of their clients, and enterprise Kaseya users, spanning at least 17 countries. This week, our Senior Incident Response Engineer, Kerry McQuarrie, is giving you a breakdown of everything you need to know about the Kaseya attack.
Read More
Teams Can Do All That? How to Up Your Video Conferencing Game
The question most of us face when scheduling meetings now is not whether to meet in person or not, but which conferencing platform to use. Of all the options out there, Microsoft Teams is certainly one of the most preferred. In fact, if your organization uses Microsoft Office 365, you already have access to Microsoft Teams as part of your stack. Are you leveraging the app’s full potential, though? Teams has some tricks that can help you wring a bit more efficiency out of your meetings than you may have even realized was possible.
Read More
Monitoring Your DNS Can Prevent Credential Theft and Brand Disasters
DNS attacks can result in massive profit loss. The fact is, your DNS is an attractive target to attackers, and you need ongoing assurance that it’s secure. We are going to explore several common types of DNS attacks, as well as what you can do to catch them.
Read More
Intune: Common Applications and Uses
The reality most of us live with is that our end users need to use company software on personal devices, but you still need to manage, protect, and inventory all of that software and data. If your teams use Microsoft products to accomplish basic business tasks, and you would like to free them up to work from anywhere without compromising your management and security policies, you’ll want to take a look at Intune. Intune is Microsoft’s current solution for Mobile Device Management (MDM) and Mobile Application Management (MAM).
Read More
It’s 2021. Time to Simplify Your Security Tool Stack
Many of us in IT and Cybersecurity have acknowledged that we may be in the middle of the most tenuous cybersecurity climate in recent history. Cyber threats are becoming a day-to-day struggle for businesses, and the trends are not improving. Many businesses are still struggling to address pandemic-related fallout. Meanwhile, cyber-attacks have been relentlessly destructive in a climate that was dire to begin with. What we are living through is a “perfect storm” on which bad actors are all too happy to capitalize. The pandemic has forced many companies to rapidly ramp up remote workforces, often before they were prepared to do so, creating additional inroads for attackers to exploit. The disastrous combination of increased vulnerabilities and eager cybercriminals seem to play out week after week.
Read More
Close the Front Door: Planning & Enabling MFA
Usually when an organization is at the point of considering MFA, it is already too late. When we think of how MFA protects us, we need to look at this as a very simple and proactive solution where we back up our passwords with another layer of security. Unless someone has access to your MFA device, the password no longer matters, and they cannot proceed to the account. Plus, an additional benefit is that the device will alert you of the request for access.
Read More
HIPAA Versus 2021: Patients’ Rights in Track and Trace Applications
In the age of Covid-19, technology developers and healthcare providers are working together to find solutions. This kind of partnership is not new, it is not surprising that public health experts are looking to technologies and applications now to help solve Covid-related issues, collecting and leveraging diagnosis data to inform individual and community strategies. This could be an important step in addressing the ongoing pandemic, but also raises longer term questions about patient rights and the adequacy of language in the Health Insurance Portability and Accountability Act (HIPAA) to address new scenarios created by rapidly developing technology.
Read More
The Seven Stages of Cybersecurity Grief
Encouraging advice for recognizing where you are and continuing your progress on your path to cybersecurity maturity.
Read More
If Time is Money, Documentation is an Investment That Pays Dividends
Considering the complexity of modern computing systems, and the ongoing merge between compliance, security, and IT management, documentation has become more important than ever. With the number of servers, desktops, routers, switches, printers, and security devices required for a business to thrive always increasing, modern networks are a complex and sometimes confusing environment. The speed at which these network environments change and grow is often hard to keep up with. Therefore, proper documentation of your network is very important.
Read More
How a Malware Incident Can Affect Your HIPAA Compliance
For organizations under obligations to meet HIPAA compliance, a malware attack can have fallout far beyond simply losing access to your systems. Leveraging new attack methodology, cyber criminals can expose, exfiltrate, and even publish patient data, adding the impact of HIPAA noncompliance to their list of risks.
Read More