As more remote work from home happens, your collaboration tools need more scrutiny. A popular choice for instant messaging and video conferencing is Microsoft’s Teams, and securing this application will be a challenge. Teams already has had one major exploit that would allow a malicious actor to use the Microsoft Teams Updater to download any…

After a compromise, the first thing investigators will do is review the log files. The default logging on Windows machines, however, does not capture enough information to identify forensic artifacts. You can adjust your logging settings to get enough information to investigate attacks. First, download and install Sysmon on outward-facing machines. Sysmon remains resident across…

Cisco has released another batch of critical security updates for flaws in Cisco Data Center Network Manager (DCMN) and the Cisco SD-WAN Solution software. Cisco Data Center Network Manager flaws Cisco Data Center Network Manager is the network management platform for all NX-OS-enabled deployments, spanning new fabric architectures, IP Fabric for Media, and storage networking…

While most enterprises are committed to modernizing their application software portfolios, there are still myriad challenges to overcome and improvements to be made, according to a survey conducted by Hanover Research. According to the report, application development functions have a full agenda for the next 12 months, with the majority seeking improvements in speed, quality…

The need to manage patching on home machines that have no Group Policy, Windows Server Update Services (WSUS) or System Center Configuration Manager (SCCM) control means that you may be looking for alternatives. Employees’ personal machines might run Windows 10 Home version, which has limited ability to control updates. With corporate-owned machines you have more…

CyberSaint announced new updates to its flagship CyberStrong platform allowing customers to identify, measure, and dynamically manage IT and cybersecurity risks along the risk management lifecycle. These updates reinforce CyberSaint’s mission to enable organizations to manage cybersecurity as a business function by enabling agility, measurement, and automation across risk, compliance, audit, vendor, and governance functions…

REMnux is a popular Linux-based toolkit for reverse-engineering malicious software which malware analysts have been relying on for more than 10 years to help them quickly investigate suspicious programs, websites, and document files. As the security industry matures, it becomes harder to keep track of all the tools that are available to assist with the…

An investigation, which concluded that counterfeit network switches were designed to bypass processes that authenticate system components, illustrates the security challenges posed by counterfeit hardware. Counterfeit Cisco Catalyst 2960-X series switches F-Secure Consulting’s Hardware Security team investigated two different counterfeit versions of Cisco Catalyst 2960-X series switches. The counterfeits were discovered by an IT company…