Alert: Threat actors continue to exploit patched Pulse Secure VPN devices

Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.

Continue Reading Alert: Threat actors continue to exploit patched Pulse Secure VPN devices

Guidance for CISOs to improve remote worker security, free access to small business online collaboration tools

In the wake of Coronavirus / COVID-19 pandemic, Microsoft has issued sound guidance for security leaders to improve remote worker security. Tech companies are also offering small businesses free access to online collaboration tools during the outbreak.

Continue Reading Guidance for CISOs to improve remote worker security, free access to small business online collaboration tools

Organizations need heightened level of Enterprise VPN security in the wake of Coronavirus Pandemic

To prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), more organizations are electing to have their employees work remotely from home. With that responsibility, more organizations will need to adopt a heightened level of security to protect themselves from attackers who look to exploit weaknesses in enterprise virtual private networks (VPNs).

Continue Reading Organizations need heightened level of Enterprise VPN security in the wake of Coronavirus Pandemic

Guidelines for securing Content Management Systems

The Australian Cyber Security Centre (ACSC) has released new guidelines to assist organizations in securing Content Management Systems (CMS). The guidelines include good mitigation advice in areas of patching, account management, hardening and monitoring to name a few.

Continue Reading Guidelines for securing Content Management Systems