Public Exploit Modules Available for Cisco Prime Infrastructure Vulnerability

Users of Cisco Prime Infrastructure Software are urged to update to the latest version to address one of two vulnerabilities that, when chained, could lead to remote code execution with system-level permissions. Background Cisco released an advisory for CVE-2018-15379, an arbitrary file upload and command execution vulnerability for its Cisco Prime Infrastructure (CPI) software. The CPI management … [Read more...]

Did China Pull off the Biggest Hardware Hack in History?

For years, there have been concerns of the Chinese government building backdoors and spying capabilities in to phones and hardware built on their soil, and now it seems those concerns are coming to head with a recent Bloomberg story that alleges that Chinese government agents installed thousands of spy chips into servers used by Amazon, Apple, and the US government. How true are these allegations, … [Read more...]

WhatsUp Gold Integration with Cisco Connected TAC

In this podcast, Ipswitch's Director of EMEA, John McArdle, discusses a new and powerful integration within Ipswitch's network monitoring tool, WhatsUp Gold. … [Read more...]

Workplace violence: the forgotten insider threat

Organizations are no stranger to insider threats. In fact, for those who have been around long before the Internet, workplace violence, (alongside spying) is a problem many businesses have seen before and sought to address. However, the adoption and use of the Internet completely changed the way organizations run and grow their businesses, how customers can communicate with companies, and how … [Read more...]

Fake browser update seeks to compromise more MikroTik routers

This blog post was authored by @hasherezade and Jérôme Segura. MikroTik, a Latvian company that makes routers and ISP wireless systems, has been dealing with several vulnerabilities affecting its products’ operating system over the past few months. Ever since a critical flaw in RouterOS was identified in late April 2018, attacks have been going on at an alarming rate, made worse when … [Read more...]

The ingredients of a nutritious security burrito 

Years ago, antivirus (AV) was often considered the backbone of cybersecurity. Many IT professionals figured AV was enough to prevent their users from falling victim to a cyberattack.  However, the industry has now shifted to a “defense-in-depth” model, otherwise known as “layered security.” We realized that AV wasn’t enough. Patch management alone wasn’t enough. Businesses had to start … [Read more...]

Thycotic Executive Wins Americas Award for Cybersecurity for Dummies eBook

Joseph Carson Wins 2018 Information Security Leadership Award for Community Awareness Category  WASHINGTON, D.C., October 12, 2018 — Thycotic, a provider of privileged access management (PAM) solutions for more than 10,000 organizations worldwide, today announced its Chief Security Scientist, Joseph Carson, was selected as a winner of the 2018 Information Security Leadership Award (ISLA) … [Read more...]

86 Questions Answered on Windows Server 2019

86 questions asked by IT Pros on Windows Server 2019 covering Clustering, Containers, Hardware, Linux, Management, Networking, Storage, Security, and more! Read the post here: 86 Questions Answered on Windows Server 2019 … [Read more...]

The Pressure on CISOs is Ramping Up

Back in the day, all CISOs needed to do to get their cybersecurity budgets approved was to intentionally confuse the rest of the C-suite by using overly-complex technical language and showing pretty infographics with lots of red. More often than not, fear was used as a tactic to justify spending money on cybersecurity solutions. This evolved over the years as new regulatory bodies introduced … [Read more...]

Tenable Research Advisory: Multiple HPE iMC Vulnerabilities Could Lead to Remote Code Execution or Denial of Service

Tenable Research discovered multiple vulnerabilities in the HPE Intelligent Management Center. HPE is currently working to fix the issues and plans to release patches on Nov. 30. What you need to know: Multiple vulnerabilities were found in HPE iMC, ranging from denial-of-service (DoS) to remote code execution. What’s the attack vector? Multiple listening ports related to HPE iMC. What’s the … [Read more...]