By Randy Becker, VP & Principal Security Architect The pandemic has brought new and interesting challenges for all of us to deal with and certainly the balance of supporting users working remotely while ensuring security has not been easy. Initially we all had to scramble to figure out ways to allow employees to work from home. Some crazy things happened, including people bringing their desktop PCs home, connecting home PCs (with unsupported operating systems) to corporate VPNs, etc. Now we are seeing discussions about returning to work. What does that look like and what is it called?

By Randy Becker, CISO & VP, Network and Security Consulting I am often asked by customers, “If you could only do one thing to improve your security posture right now what would it be?” That’s an easy answer: implement immutable backups to protect against a ransomware attack. So, what exactly is an immutable backup? Simply stated, it is a backup that is read-only and cannot be deleted by anyone, including an administrator, threat actors, or, you know, the “bad guys.”

By Randy Becker, CISO & VP, Network and Security Consulting Microsoft just released a new PowerShell script called the Exchange On-premises Mitigation Tool (EOMT). https://github.com/microsoft/CSS-Exchange/tree/main/Security#exchange-on-premises-mitigation-tool-eomt. This single script will automatically grab necessary downloads and dependencies for mitigation and malware scan, and reverse changes made by known threats.

By Randy Becker, CISO & VP, Network and Security Consulting As if the SolarWinds fiasco and the massive global on-premises Exchange Servers attack weren’t bad enough, here comes Microsoft Patch Tuesday for March 2021. Microsoft Patch Tuesday announces 82 vulnerabilities, with 10 plus classified as critical, 1 zero-day exploit, and 72 as important. These have all be fixed in this month’s update courtesy of Microsoft. Of special note, these numbers do not include the 7 Microsoft Exchange and 33 Chromium Edge vulnerabilities already released.  

By Randy Becker, CISO & VP, Network and Security Consulting It isn’t common for Microsoft to release a security update for an 11-year-old server application. So, when they do, people take notice. Especially when tied to Email. Microsoft has just released out-of-band security updates for a zero-day exploit that is actively being exploited in the wild. Of significant importance is that this is for all supported Microsoft Exchange versions plus Exchange 2010.

By Randy Becker, CISO & VP, Network and Security Consulting Zero Trust is not new, but it has recently started to show up a lot in security circles. A quick search shows that there are a lot of organizations with thoughts on this topic. Given the infamous SolarWinds breach, we are starting to hear more about “Zero Trust,” “Defense in Depth,” and my personal favorite “Assume the Breach.” Last Friday CISA quietly posted the following important guidance on Zero Trust: NSA Releases Guidance on Zero Trust Security Model. This should be on the short list of reading for everyone.

On Jan 6th, the Cybersecurity and Infrastructure Security Agency (CISA) updated their Emergency Directive 21-01 with supplemental guidance and activity alerts on the SolarWinds Orion Compromise. 

What Is the CARES Act? The Federal government enacted the Coronavirus Aid, Relief, and Economic Security Act ("CARES Act") which established the Coronavirus Relief Fund and appropriated $150 billion to it. 

A Message from Jay Keating, SVP of Service Delivery & Managed Services, GreenPages