Justin, Author at Plixer

Preparing for the next threat

07.20.22 - Justin

It’s safe to say organizations have had their fair share of cyber attacks this past year—from threats discovered early last year with VMware (CVE-2021-21985 and CVE-2021-21972), which provided access to compromised environments and sensitive data, to the Apache Log4j vulnerability, which sent IT professionals scrambling to patch every system that might have a vulnerable release installed. These incidents don’t even touch threats like ransomware, which compromised the Colonial Pipeline network and forced gas prices to skyrocket above $3 a gallon for the first time in seven years—we’d all appreciate $3 a gallon these days! The year has been fraught with security challenges and the outlook continues to be troubling for the remainder of the year.

NDR

When EDR isn’t enough, be glad you have NDR

07.15.22 - Justin

When tools that were created to help security teams simulate attacks are used by the attackers, you know there’s a problem. But that’s exactly what’s happened in recent news where the Brute Ratel C4 (BRc4) red-teaming and adversarial attack simulation tool was used by nation-state attackers to evade detection.

NPMD

The importance of network device discovery

04.14.22 - Justin

Market research consulting firm Frost & Sullivan’s recent analysis found that enterprises were becoming more vulnerable to cyberattacks due to an expanded attack surface increase by “multiple touchpoints through an open network and easy accessibility to database[s] and applications.” As users join and leave the network from myriad devices, organizations need a way to improve their security posture without significantly increasing costs. But as the threat surface grows, what can organizations do to reduce risk?

Security Operations

Protect your network from Log4j and future vulnerabilities

12.22.21 - Justin

Earlier this month, a vulnerability in the Apache Log4j logging framework was disclosed. The zero-day vulnerability was published by Alibaba Cloud’s security team as was called Log4Shell (CVE-2021-44228).

To protect business-critical applications and prevent remote code execution, which could give unfettered access to the hacker, businesses need to understand how to protect themselves from such attacks while patching vulnerable systems.

Security Operations

Ransomware attacks impact more than their target victim

12.17.21 - Justin

Last week Kronos (now Ultimate Kronos Group (UKG)) announced that they were hit by a ransomware attack that is likely to keep their system offline for weeks. As a major human resources management company, they provide services like payroll, timekeeping, etc. to other companies. Because so many companies rely on Kronos’s services, they are feeling the effects of this attack as well. So, what does this show us about the danger and damages of ransomware?