“None shall pass.” -The Black Knight, Monty Python, and the Holy Grail We continue to see attacks from misconfigured VPNs. Today I want to focus on legitimate user’s who have VPN access to your networks.

A few years ago, there was a very public cyber insurance denial case. As I understand it, the business contracted with Travelers for cyber insurance. They filled out their questionnaire and stated that they had multi-factor authentication (MFA) everywhere.

As we mentioned in our last bulletin, in January 2023 CISA published a report “Partnering to SafeGuard K-12 Organizations from Cybersecurity Threats”. In that report, CISA suggested that schools start their Cybersecurity journey by implementing six of the Highest-priority security measures.

In August of 2021, CISA added “Single Factor Authentication” to its list of practices it considers “exceptionally risky” as it exposes you to an “unnecessary risk from threat actors”. As a result, you may start to see requests from multiple sources to implement multi-factor authentication (MFA) strategies.

In October 1993 I was sitting in a van in dusty Nmanga, Kenya. Nmanga was the only legal border crossing between Kenya and Tanzania. It is next to Amboseli National Park and just to the West of Mount Kilimanjaro. My guide instructed our group to wait in the van with the windows up and the […]

Last weekend my youngest daughter started a new baton program on Saturday mornings. Sitting there I realized I have been taking at least one of my four daughters to baton for the last 22 years across two different teams in two different towns.

In August of 2021, CISA added “Single Factor Authentication” to its list of practices it considers “exceptionally risky” as it exposes you to an “unnecessary risk from threat actors”. Your district auditors and the NYS Comptroller’s Office technology auditors are most likely pestering you about your multi-factor authentication (MFA) strategies and beginning to ding you […]

I was watching a panelist discussion post-mortem discussing firsthand knowledge of 25 major ransomware-style breaches. One of the panelists was an award-winning, ex-NSA offensive hacker.  One item that was stressed as a common theme across many breaches was credential theft being the number one way bad people get into the network.

  In August of 2021, CISA added “Single Factor Authentication” to its list of practices it considers “exceptionally risky” as it exposes you to an “unnecessary risk from threat actors”. Your district auditors and the NYS Comptroller’s Office technology auditors are most likely pestering you about your multi-factor authentication (MFA) strategies and beginning to ding […]

  Last weekend my youngest daughter started a new baton program on Saturday mornings. Sitting there I realized I have been taking at least one of my four daughters to baton for the last 22 years across two different teams in two different towns.