GreenPages Blog

As an IT professional, you need to stay current on all things tech; with articles from industry experts and GreenPages' staff, you get the info you need to help your organization compete and succeed!

Is It Possible for Security to Coexist with Hybrid Work Post Pandemic?

Read More

Randy Becker

Recent Posts:

Is It Possible for Security to Coexist with Hybrid Work Post Pandemic?

By Randy Becker, VP & Principal Security Architect The pandemic has brought new and interesting challenges for all of us to deal with and certainly the balance of supporting users working remotely while ensuring security has not been easy. Initially we all had to scramble to figure out ways to allow employees to work from home. Some crazy things happened, including people bringing their desktop PCs home, connecting home PCs (with unsupported operating systems) to corporate VPNs, etc. Now we are seeing discussions about returning to work. What does that look like and what is it called?

The Heroic Immutable Backup: Your Last Level of Protection Against Ransomware

By Randy Becker, CISO & VP, Network and Security Consulting I am often asked by customers, “If you could only do one thing to improve your security posture right now what would it be?” That’s an easy answer: implement immutable backups to protect against a ransomware attack. So, what exactly is an immutable backup? Simply stated, it is a backup that is read-only and cannot be deleted by anyone, including an administrator, threat actors, or, you know, the “bad guys.”

One Script to Mitigate, Scan for Malware, & Repair On-Premises Exchange Servers!

By Randy Becker, CISO & VP, Network and Security Consulting Microsoft just released a new PowerShell script called the Exchange On-premises Mitigation Tool (EOMT). https://github.com/microsoft/CSS-Exchange/tree/main/Security#exchange-on-premises-mitigation-tool-eomt. This single script will automatically grab necessary downloads and dependencies for mitigation and malware scan, and reverse changes made by known threats.

Patch Tuesday March 2021 Edition...Exchange Exploits Escalate

By Randy Becker, CISO & VP, Network and Security Consulting As if the SolarWinds fiasco and the massive global on-premises Exchange Servers attack weren’t bad enough, here comes Microsoft Patch Tuesday for March 2021. Microsoft Patch Tuesday announces 82 vulnerabilities, with 10 plus classified as critical, 1 zero-day exploit, and 72 as important. These have all be fixed in this month’s update courtesy of Microsoft. Of special note, these numbers do not include the 7 Microsoft Exchange and 33 Chromium Edge vulnerabilities already released.  

Microsoft Exchange Zero-Day Vulnerabilities Being Actively Exploited in The Wild

By Randy Becker, CISO & VP, Network and Security Consulting It isn’t common for Microsoft to release a security update for an 11-year-old server application. So, when they do, people take notice. Especially when tied to Email. Microsoft has just released out-of-band security updates for a zero-day exploit that is actively being exploited in the wild. Of significant importance is that this is for all supported Microsoft Exchange versions plus Exchange 2010.

Zero Trust Does Not Mean Zero Access

By Randy Becker, CISO & VP, Network and Security Consulting Zero Trust is not new, but it has recently started to show up a lot in security circles. A quick search shows that there are a lot of organizations with thoughts on this topic. Given the infamous SolarWinds breach, we are starting to hear more about “Zero Trust,” “Defense in Depth,” and my personal favorite “Assume the Breach.” Last Friday CISA quietly posted the following important guidance on Zero Trust: NSA Releases Guidance on Zero Trust Security Model. This should be on the short list of reading for everyone.

New Mac Mystery Malware “Silver Sparrow” & New VMware (RCE) in vCenter!

By Randy Becker, CISO & VP, Network and Security Consulting There is a new form of malware (dubbed “Silver Sparrow” by Red Canary) that seems to be affecting Macs running Intel processors and Apple’s own M1 processors. It does not appear as though the malware has done anything nefarious, but as the saying goes, where there’s smoke there is often fire. VMware announces Remote Code Execution (RCE) vulnerability in the vCenter with a CVSSv3 base score of 9.8 CVE-2021-21972. This one looks ripe for exploitation as it is a RCE **AND** a 9.8 In addition to this, two others were found—all in the CVSSv3 range of 5.3-9.8.

The SolarWinds Saga Continues: Microsoft Estimates 1000 Developers Rewrote Code for the Attack

By Randy Becker, CISO & VP, Network and Security Consulting SolarWinds, Solorigate, Sunburst, Teardrop, Sunspot, Raindrop… will it ever end? (Check out Microsoft’s deep dive for a comprehensive summary.) The breach was even the lead story on 60-Minutes with Microsoft President Brad Smith and FireEye CEO Kevin Mandia interviewed.

As of Feb 9th Microsoft Enforces Secure RPC with Netlogon Secure Channel--What Does that Mean?

By Randy Becker, CISO & VP, Network and Security Consulting On February 9th, Microsoft moved into the second phase of enforcing CVE 2020-1472. This affects companies that are still using legacy unsupported Microsoft operating systems. Will Microsoft finally get closer to closing the vulnerability down? How may customers are affected by this?

    Related Posts