Many attackers and hosts infected with malware try to infect other hosts by scanning networks for open ports exposed to the Internet. After finding an open port, a malicious third party will attack software running on that port using known vulnerabilities. These published software flaws can cause damage or allow unauthorized access to hosts and networks. Often vendors publish … [Read more...]
How to Automate Deployment of a WatchGuard Firebox Cloud on AWS
The last Secplicity blog post in this series on cloud security described the security benefits of CloudFormation for automated deployments. CloudFormation can deploy security appliances in AWS accounts that help protect applications and data in cloud environments. UTM (or Next-Gen Firewall) on AWS Deploying a WatchGuard Firebox Cloud is one way to increase security in an … [Read more...]
Network Security: Mining the Alphabet Soup for What Matters
The security industry likes to create acronyms – IAM, UTM, NGFW, MFA, EDR, etc. Perhaps it comes from the general human tendency of wanting to simply define complex topics. In an ever-changing industry, like information security, these acronyms and groupings create major challenges over time. Each year there are new threats, and with that comes more innovation and different … [Read more...]
Hospital Held Ransom – Daily Security Byte EP. 219
Crypto ransomware has plagued consumers and small business for a few years now, but when it affects hospitals things get dangerous. Watch Friday's Byte to learn how ransomware forced a hospital in LA back to the paper age, and what you can do to prepare your organization from a digital disaster. (Episode Runtime: 2:46) Direct YouTube … [Read more...]
Five Top Tips to Help Protect Your Critical Data
I often question the validity of the term Information Security. While it has “information” in the name, I feel we spend more time protecting our technologies and devices than we do figuring out what information is most critical to our businesses, and catering our protections to that data. As information security professionals, we need to focus more on directly defending … [Read more...]