A few years ago, I worked alongside some oil commodity traders. Environmental concerns aside, I never realized how many parts were required to get the oil out of the ground, not to mention everything else that finally resulted in the production of refined products that surround our lives. As a cybersecurity professional, I was more interested in how all

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks.According to an advisory published by CISA, an increasing number of attacks have succeeded as more employees have begun to work remotely w

In a previous blog, I discussed securing AWS management configurations by combating six common threats with a focus on using both the Center for Internet Security (CIS) Amazon Web Services Foundations benchmark policy along with general security best practices.Now I’d like to do the same thing for Microsoft Azure. I had the privilege of being involved in the

Today’s VERT Alert addresses Microsoft’s January 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-922 on Wednesday, January 13th.In-The-Wild & Disclosed CVEsCVE-2021-1647A vulnerability in the Microsoft Malware Protection Engine (MMPE) is currently seeing active exploitation. Since the MMPE is

In their attempt to extort as much money as quickly as possible out of companies, ransomware gangs know some effective techniques to get the full attention of a firm’s management team.And one of them is to specifically target the sensitive information stored on the computers used by a company’s top executives, in the hope of finding valuable data

Con la llegada de COVID-19  las organizaciones de todo el mundo fueron obligadas a hacer la transición de sus empleados a trabajar desde casa, en un momento en que la infraestructura de red de las organizaciones es más compleja que nunca. Esta complejidad no es única de los entornos de IT. De hecho, las máquinas y los procesos de producción también se e

If high-tech gadgets are on your holiday shopping list, it is worth taking a moment to think about the particular risks they may bring. Under the wrong circumstances, even an innocuous gift may introduce unexpected vulnerabilities. In this blog series, VERT will be looking at some of the Internet’s best-selling holiday gifts with an eye toward their possible

Last week, the United States Cybersecurity & Infrastructure Security Agency (CISA) advised on initial steps to take in response to the SolarWinds software that was compromised by advanced persistent threat actors. While federal agencies were under a deadline to complete certain actions, this issue will require continued clean-up and longer-term efforts t

Every website on the Internet is somewhat vulnerable to security attacks. The threats range from human errors to sophisticated attacks by coordinated cyber criminals.According to the Data Breach Investigations Report by Verizon, the primary motivation for cyber attackers is financial. Whether you run an eCommerce project or a simple small business website, t

Vulnerability DescriptionThe United States Cybersecurity & Infrastructure Security Agency (CISA) has advised that an advanced persistent threat (APT) actor was able to insert sophisticated malware into officially signed and released updates to the SolarWinds network management software [1]. The attacks have been ongoing since at least March 2020 and CISA

Life for university students has changed massively during the coronavirus pandemic, as it has for all of us. While some in-person lectures and seminars are still taking place, there has been a big shift to remote learning. This has, perhaps understandably, led to concerns about how well students are engaging with this way of studying.Many universities have s

For the longest time, or as far as I can remember, the holy grail of all networking platforms has been the need for a single pane of glass, that single source of all information that you would need to be most effective.So, what is a single pane of glass?   If you take it at face value, it simply means a window that consists of a single square frame

2020 has been a very interesting year for the global workforce, with the vast majority of organizations having to rapidly transition to a remote workforce with little to no prior notice thanks to the COVID-19 pandemic.The 2020 (ISC)2 Cybersecurity Workforce Study looks at the effect of this transition to remote work and how organizations have fared. It also

It’s time to say a final “Goodbye” to Flash.(Or should that be “Good riddance”?)With earlier this week seeing the final scheduled release of Flash Player, Adobe has confirmed that it will no longer be supporting the software after December 31 2020, and will actively block Flash content from running inside Flash Player from Janua

Hey, did you get that sketchy email? You know, the one from that malicious hacker trying to fool us into clicking on some malware? Boy, these criminals are relentless. Wait, what? You clicked on it? Uh-oh.A hypothetical scenario, but one that plays out every day in organizations across the globe — a very real scenario that provides a good reason to take a de