Last month the FBI posted ALERT AC-000113-TT, which mentions an increase in unidentified cyber actors exploiting a known SharePoint vulnerability to gain access to unprotected networks. The CVE-2019-1491 vulnerability was found late last year and Microsoft posted an out-of-band patch soon after. The FBI soon raised the alert after it received reports that multiple municipalities here in the states had been compromised.
Read moreAuthor: James Dougherty
I have worn many hats in my professional life. Support engineer, developer, network admin and manager are all points on my resume, but the one common thread with all of these jobs is that I enjoy working with people; that is what I do here at Plixer. I make sure that everyone understands our product and can get the most out of it. It's just simple 'no bull' support!
Let me know if you have any questions, I would be happy to help.
- Jimmy D
Building a geo attack map with the Scrutinizer API: part 2
Posted on - by James Dougherty
So far we have used the Scrutinizer API to build a dataset that tells us how many hits our top ten countries are getting. Next, we’ll explore how easy it is to use this data to populate an open source digital heat/attack map.
Read moreBuilding a geo attack map with the Scrutinizer API
Posted on - by James Dougherty
Every once in a while I get the opportunity to sit down and work on things that are outside of the box when it comes to Scrutinizer. Well, this month was the perfect one for that. For a long time, I’ve wanted to create a geolocation-based heatmap of countries that are being visited on the network. Honestly, I have always had a fondness for heatmaps and attack maps, specifically geo-heatmaps. With that in mind, I decided to build a script that outputs countries and their hits. I’ll then take that data and populate an open source digital heat/attack map.
Read moreThree Ways to Comply with GDPR
Posted on - by James Dougherty
The requirements of GDPR can be vague sometimes. I have had quite a few of my customers ask how we help companies with questions about GDPR compliance. Here are the three Scrutinizer abilities that they found to be the most valuable.
Read moreNetwork Security: Using Dashboards to Aid Your Investigation
Posted on - by James Dougherty
In my last post, titled Network Visibility: Using Dashboards to Tell a Deeper Story, we discussed how the dashboard feature of Scrutinizer can be an asset to multiple departments. I’ve had the opportunity to work with clients who had a one- or two-person shop and some who had multiple departments. There has been one common thing across all these deployments: by employing the features of the dashboard engine, they were able to reduce the time it takes to find what they are looking for. In this section, we will explore the network security department.
Network Visibility: Using Dashboards to Tell a Deeper Story
Posted on - by James Dougherty
When it comes to network traffic monitoring, a single and unified view of your networking infrastructure is essential in ensuring that your environment is correctly watched over. It’s common to have hundreds, if not thousands, of routing and optimizing devices in today’s global networks. This tends to make monitoring things like traffic load, application usage, host usage, and more a mission-critical feature.
Three Strategies to Catch and Stop Insider Threats
Posted on - by James Dougherty
Earlier this year I worked on a document that addressed some of the common misconceptions about Scrutinizer. One of the subjects that caught my attention was Scrutinizer’s ability to mitigate insider threats. Honestly, I really wanted to dig deeper on all the subjects on my list, but the marketing team frowned on me passing along a hundred-page report when they were really looking or two-page fact sheet with links. As time passed, the idea of Scrutinizer’s ability to monitor, detect, and mitigate these types of threats kept on tugging at me. So when I got the opportunity to talk more about it, I jumped on it.
Network Security Concerns: They’re Attacking My Printers Now?
Posted on - by James Dougherty
In today’s digital world, nothing is safe. Just today I came across this post that talks about hackers attacking network printers. It’s not far-fetched to think that your printers are a major cyberattack vector, but how can this type of attack affect your network? More importantly, how can you monitor for it?
More on Endpoint Visibility: Mobile Security and Your Network Security Strategy
Posted on - by James Dougherty
Why should your endpoints be an important part of your network security strategy? Because even though they are out in the wild, endpoints are part of your network! We really should stop viewing endpoint devices as being separate from the rest of the network. The truth is, once an endpoint device connects to your network, it is part of your LAN/WAN and is a security concern. This means that each device with a remote connection creates a potential entry point for security threats.
Data Retention: Leveraging NetFlow/IPFIX to Meet Your Compliance Needs
Posted on - by James Dougherty
In my spare time, limited as it might be, I have been taking a deep dive class on anonymous browsing. Specifically, it goes into great detail on ways to hide under the radar and on many of the legal aspects of both sides. So far the class has been right up my alley!