Previously we talked about limiting the use of “local administrators” to improve the security of your network. However, we do actually need a local administrator account to exist because, sooner or later, a tech is going to need that account to properly install software or update the machine.

In this week’s Tech Tidbit I want to talk a bit about the importance of implementing proper control of DNS as part of your malware protection program. DNS lookups and / or the hijacking of DNS lookups are an often-used tool by many malware agents to help enable the success of their intended attacks.

In the real world, it’s no longer a matter of if an attacker will get in, but when and for how long. Is your district really prepared? I am pleased to invite you to 2nd Annual Security event on Dec 5, 2017, in our offices in Fishkill. This year’s event will feature actual hands-on experiences […]

I have been talking over the past year about “Hardening Active Directory”.   In those discussions, we have been talking about implementing a granular password policy so that you K-2 students have a lower password requirement than your financial and guidance users.

Welcome to the second installment of, “Weekly Tech Tidbits”.    This week I am going to answer a very common question, “Why do we have to remove local Administrator rights to workstations?” The answer is quite simple. Almost every single attack on your network begins on a workstation.

Welcome to the inaugural edition of CSI’s “Your Weekly Tech Tidbit”. Building on Scott’s ever popular Tech Tidbits portion of our quarterly Tech Talk / SYSOP meetings, each week either Scott or I will be sharing a timely thought for the week based upon what we see happening in IT that is of relevance to […]

Reuters reports, “A bill proposed in Congress on Wednesday would require the U.S. National Security Agency to inform representatives of other government agencies about security holes it finds in software like the one that allowed last week’s “ransomware” attacks.

Systems Affected Microsoft Windows operating systems Overview According to numerous open-source reports, a widespread ransomware campaign is affecting various organizations with reports of tens of thousands of infections in as many as 74 countries, including the United States, United Kingdom, Spain, Russia, Taiwan, France, and Japan.

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency […]

Apple has released security updates to address vulnerabilities in multiple products. A remote attacker may exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Apple security pages for the following products and apply the necessary updates: macOS Sierra, Security Updates(link is external) iOS(link is external) […]