Bob and I have discussed over and over the need for improved public wireless configuration. Some of you have gotten the message. Sadly many have not. As we approach the summer, let’s get this fixed once and for all. Here are a few design changes many of you need to implement: If your endpoints in […]
Do you know how secure you are from the outside world? Maybe you’re new and inherited a network, or there has been so much churn over the years with servers being added and retired and software previously available in-house now being hosted? Maybe you have just lost track of patching? Regardless of the reason, a […]
I have been watching the Cisco AMP and Paladin CyberSentinel Managed Endpoint Detect & Respond consoles for a number of clients of late. One thing is extremely apparent. Your administrators are under constant attack from emails with fake invoices, as well as Microsoft Word and Excel documents – all of which are infected.
This tidbit is a refresher on looking at Cisco Firepower Intrusion Event logs and daily reports. Specifically, I wanted to review for all of you again the meaning of two key columns, the Impact and Inline Result columns. The Firepower Impact scale is designed to help the recipient understand where to focus scarce resources first.
Keeping up with my theme on DNS-related posts, this week I will again reprise a post from over a year ago on the importance of implementing proper control of DNS as part of your malware protection program. It remains a valuable part of your overall network and security management policies.
The US-CERT (Computer Emergency Response Team) recently gave a presentation on what China has been doing to hack anything they can hack with the goal of stealing intellectual property, money and personally identifiable information. While most public sector schools and government agencies are generally not vast repositories of intellectual property, they do manage and transfer […]
We constantly harp on all of you segregating third-party vendor equipment on to vendor VLANs. The purpose of that is to keep third-party vendor equipment completely away from your internal network. Ideally, we don’t want these vendors to see, touch, or ask your internal network anything.
Last month on January 22nd the US Dept of Homeland Security took the unusual step of issuing Emergency Directive 19-01 to all Federal Agencies. The directive issued steps that had to be taken by those agencies to mitigate potential DNS infrastructure tampering.
This tech tidbit is a reprise of a tidbit we sent out back in June of 2018. You may have missed this post back then as it was the end of the school year and preparing for summer was upon all of us. But, I wanted to bring it to all your attention again.
The FBI came to visit us last week. No, it wasn’t an investigation. It was for CSI’s 3rd annual Security Event. I have talked about the topic of Cyber Threats in person and online, but our Supervisory Special Agent had a few interesting things to say beyond the topics Bob and I have been discussing […]