LastPass Phishing E-mails
We’ve noticed an uptick in phishing e-mails targeting LastPass users with dozens reported in the last 24 hours.
Free SIEM for Microsoft 365?
Now there’s no excuse to live without security monitoring for your Microsoft 365 environment!
LastPass wasn't hacked, but some LastPass users were targeted with credential stuffing attacks.
LastPass wasn't hacked, but some LastPass users were targeted with credential stuffing attacks. What else is new…
Update your stuff! Another CVE-2021-44228 Log4j PSA…
Update your stuff! Another PSA for the critical Log4Shell vulnerability in Apache Log4j.
5 W’s for building a cybersecurity plan
These 5 W's can help any stakeholder in an organization make cybersecurity conversations actionable.
Assessing cybersecurity weaknesses in electronic security systems.
Electronic security systems are integral components of an organization’s physical security plan, and important defense-in-depth layers which define overall security posture. They also introduce cybersecurity risks which are often overlooked.
Cybersecurity can be both simple AND effective with the CIS Controls.
Many organizations that previously overlooked cybersecurity are rushing to show their boards and customers that they’re taking things seriously. At this point, executives, managers, and IT professionals are all looking for answers to the same question - where do we start?
What is ‘Secure Configuration’, and why are CIS Benchmarks important?
The Center for Internet Security (CIS) Benchmarks are consensus-developed secure configuration guidelines for hardening operating systems, servers, cloud environments, and more. There are 100+ CIS Benchmarks covering more than 14 technology groups.
World Password Day!
Today’s World Password Day! We recommend celebrating by grabbing your favorite adult beverage, coming up with a memorable passphrase, and changing all of your credentials.
Project Jengo: use the bounty concept to fight patent trolls
Our friends at Cloudflare have come up with an innovative way to fight patent trolls - with bounties.
Update your Cisco Small Business (Linksys) routers
Security advisories have recently been released by CISA and Cisco for multiple vulnerabilities impacting Cisco’s RV-series small business routers.
Update your iPhone if you haven’t already: more Apple WebKit (Safari) vulnerabilities
Apple released patches for more Apple WebKit (Safari) vulnerabilities. We wrote this short post to remind everyone with Apple devices that are NOT managed by their company or a managed services provider to update your Apple devices immediately.
Teachable moments in Product Security: an in-depth analysis of the Verkada breach
Verkada’s cloud-based video surveillance application was breached, exposing 150,000 cameras belonging to Tesla, Cloudflare, UK NHS, banks, universities, hospitals, jails, and more. Here's our analysis and some product security lessons to be learned based on the information that’s currently available.