According to Forbes, the cost of ransomware attacks against organizations has increased by 300% in 2021. Additionally, supply chain and vendor issues have gained attention since SolarWinds, Kaseya, and other providers that have been compromised this year. Cyberpion found that three- fourths of Fortune 500 companies’ IT infrastructure exists outside of their organization. Third- party […]
read more »87,000 unpatched Fortinet SSL- VPN credentials from around 500,000 accounts have been leaked on the dark web. According to Threatpost, the attackers exploited a path transversal vulnerability in Fortinet’s FortiOS. This weakness allows attackers to perform data exfiltration, install malware, and launch ransomware. The data leak occurred between May 2019 and June 2021. CPO Magazine […]
read more »The Breach On August 16, 2021, T-Mobile released a statement that unauthorized access to customer data had occurred. The malicious actor, claimed to be John Binns, first gained access into T-Mobile’s servers through an unprotected router on July 19, 2021. ZDNet mentions that from there, he explored security gaps in T- Mobile’s security architecture where […]
read more »Over the Fourth of July weekend, Kaseya’s Virtual System/ Server Administrator (VSA) software was targeted by the cybercrime gang REvil. REvil executed a supply chain ransomware attack and demanded $70 million in Bitcoin. Kaseya is an IT management software company, whose customers include large MSPs. As a result, around 1,500 small to medium sized businesses […]
read more »More companies are now relying on VPNs for business continuity. As a result, VPN gateways are running at or near capacity. This means that corporate IT departments need to step up proactive security measures and leverage all the tools at their disposal to implement security controls and keep traffic load manageable so that the VPN […]
read more »March 25, 2021|IT Security, IT Services, Managed Services, Security Awareness Training, Security Operations, Security Patching TAMPA, Fla. – March 25, 2021 – Adsero Security and Ballast Services are pleased to announce their integrated partnership to provide comprehensive IT security compliance and managed services. Business leaders are challenged with complex and fragmented cyber security services, and […]
read more »The Principle of Least Privilege (PoLP) is the idea that every user, program, or process has access only to the information that are necessary to complete its function. As this topic has traditionally been used for government purposes, businesses and organizations have begun to implement PoLP with their employees. PoLP is a crucial component in […]
read more »The Coronavirus pandemic has remolded us into a digitally dependent world. The directives of social distancing forced a rapid shift of activities from the physical world to the digital world. The platforms that are used to host business meetings are now the same platforms used to host virtual celebrations and gatherings. The lines between our […]
read more »No one wants to be the next SolarWinds. Of course the SolarWinds attack that was conducted was a very methodical and well planned attack but at the end of the day it comes down to implementing and governing best security practices. And, yes, most companies are not equipped or prepared for this type of attack […]
read more »Organizations currently are dealing with unprecedented times during this pandemic. COVID-19 and its high infection rates are basically single handedly changing how many organizations function. Many organizations were caught off guard by having to switch to a work-from-home model. Based on past trends, and COVID-19 coming to the forefront of organizations, it also has come […]
read more »