Latest posts

SolarWinds attack renews push for a federal breach notification law The coming into effect of the EU’s GDPR across the pond gave fresh impetus to calls for a federal breach notification law in the United States. Those calls are only growing louder in the aftermath of the unprecedented and massive SolarWinds attack. The cybersecurity community […]

By Monique Magalhaes Technological advancements continue to change how we work and how we consume technology. But as new services and technologies appear, we do not always design or consume them with the “secure by default” idea in mind. Taking a constructive look at specific areas that are likely to grow or persist, including the […]

This month’s Patch Tuesday (or Update Tuesday, as the MSRC team blog prefers to call it) falls on the 13th which may give pause to the superstitious among us. Some users felt pretty unlucky after installing the March updates, which came with continuing problems for those using certain printer models. Let’s hope this month’s fixes […]

This month wasn’t a good one for IT admins – especially those running Microsoft Exchange servers. A Chinese hacker organization going by the moniker “Hafnium” was discovered to be exploiting security vulnerabilities in Exchange 2013, 2016, and 2019. This allowed them to access the email of the many thousands of businesses and government agencies using […]

The recent hack of Microsoft Exchange was a wake-up call for many small and medium businesses (SMBs) about their network vulnerability. As reported by TechGenix, Microsoft hasn’t said how many corporate and government Exchange customers have been exploited, but security expert Brian Krebs said the number is “at least 30,000” in the U.S. alone. The Wall Street Journal, […]

Faxing is a fixture of many industries—healthcare, legal, financial, government, manufacturing. It is a technology that persists…because it does the job required. Fax satisfies requirements for security, regulatory compliance, legal need, or simply as a lowest common denominator for communications interoperability. In healthcare for example, not every electronic health record (EHR) system plays well with others. […]

After a many-months hiatus, we’re back with the monthly summary of security updates released by Microsoft for its array of consumer and enterprise products. The world has changed since my last post on this topic almost a year ago, but if anything, computers and the Internet have become even more important parts of our lives. […]

Companies think about improving their security technology after an attack or worse, a security breach. Small and medium businesses are not immune—two-thirds of SMBs have faced cyber-attack. Better to put up a stronger defense now with solutions like Unlimited|Network Security. However, if you do find yourself compromised, you can work towards repairing your reputation. This […]

As mentioned in the previous post about GFI LanGuard as an alternative patch solution to SolarWinds Orion, this follow-up provides details about how GFI LanGuard can be used to locate devices and detect the SolarWinds Orion product versions which were exploited in the breach.   To do this we will first examine a bit about the […]

With the recent directive issued by the US CISA to disconnect or power down SolarWinds Orion, it is important to note that simply powering down does not help in the continued protection of the networks, operating systems, and applications which run on these networks.   GFI would like to extend an invitation to assist anyone affected […]