When talking to IT and Security professionals, everyone seems to know they shouldn’t overly-expose management portals. And yet, every year we learn some new statistic showing tens of thousands of devices or software products with management portals exposed on the Internet. In hopes of changing this trend, this article talks about why management portals sometimes get exposed and … [Read more...]
Sharing Cyclops Blink Threat Intelligence with the Community
At WatchGuard, we understand the importance of sharing threat intelligence with the information security (infosec) community when safe and appropriate. Not only does this information sharing help to directly defend against known threats, but it also helps the community at large learn from the attacks found in the wild, and appropriately adjust detection and defense strategies. … [Read more...]
What to Make of the Biden Administration’s New ICS Cybersecurity Initiative
Yesterday, the Biden Administration unveiled a new initiative to help improve the cybersecurity stance of the industrial control systems (ICS) that manage the nation’s critical infrastructure. As recent events (like the Colonial Pipeline ransomware incident) have shown, disruptions to critical infrastructure can have serious, potentially even fatal consequences. In short, this … [Read more...]
Breaking Alert: MSP Targeted Ransomware Attack (Kaseya Supply Chain Attack)
Managed Service Providers (MSPs), especially ones using Kaseya VSA, should read this and take action as soon as possible. High-level Summary: On Friday, July 2, some MSPs using the on-premises version of Kaseya VSA suffered ransomware attacks that trickled down to their customers. Kaseya says around 1500 companies (so far), many customers of MSPs, have been affected and the … [Read more...]
Tackling 2021 Security Planning and Budgeting
Annual planning and budgeting has always been a critical, albeit potentially cumbersome aspect of establishing a successful security posture. Information security doesn’t contribute directly to the bottom line for most companies and management often views it as a cost. That’s why it’s essential for CISO and security leaders to allocate the budget they do get as effectively as … [Read more...]