New CISO Handbook guides fed cyber execs

By | July 20th, 2018|Blog|

A CISO Handbook was released recently by a group of federal CISO & CIO councils to help their peers navigate current government approaches to cybersecurity and risk management. Available through the CIO.gov website, the CISO Handbook is designed to provide a "one stop shop" for new and emerging information security professionals looking to become [...]

Offensive cybersecurity, whose job is it?

By | June 22nd, 2018|Blog|

A recent interview with former Chairman of the Joint Chiefs of Staff Adm. Mike Mullen brought up some interesting comments on offensive cybersecurity. US Cyber Command has been elevated to its own combatant command, but should the government green light companies the ability to hack back when attacked? Mullen answered that question by saying [...]

Hackers target US satellite industry

By | June 20th, 2018|Blog|

The US-based satellite industry has been targeted by a Chinese-linked hacking group, according to new research by Symantec. The hacking campaign apparently targeted command and control systems. Targets include at least two US-based satellite companies, a Defense Department contractor and a geospatial imaging technology firm. The attackers use a combination of open-source and custom-built hacking [...]

Spectre, Meltdown exploits don’t impact Uplogix

By | January 11th, 2018|Blog|

The New Year kicked off with a thud as the Meltdown and Spectre exploits dominated headlines with critical vulnerabilities in modern processors. Uplogix Local Managers are not impacted by these exploits. IN BRIEF The Uplogix 5000 and 500 Local Managers are not impacted by either the Meltdown or Spectre exploits. Hardware components in both Local Manager [...]

KRACK zero-day cracks WPA2

By | October 19th, 2017|Blog|

This week began with the zero-day news for a bug that effectively broke WPA2 wireless security. KRACK, named for Key Reinstallation Attack, is a fundamental flaw in the operation of Wi-Fi Protected Access II, the security protocol upgrade from the old, broken WEP protocol. The issue is with the systems four-way handshake that permits [...]

Ransomware brings down county services

By | September 20th, 2017|Blog|

Montgomery County in Alabama was hit by a ransomware attack that left IT staff scrambling to regain control of their systems. Among other impacts, vehicle tags and registrations are unable to be processed as officials investigate the cause of the breach and their options to regain control and clean up their system. The debilitating ransomware [...]

Maritime networks concerned following breach

By | August 11th, 2017|Blog|

Maritime networks are getting even more serious about security following the high-profile cyber attack of shipping giant Maersk in June. The coordinated attack impacted business on a global scale as Maersk had to take IT systems offline to respond to the breach over the span of about a week. It's not the first time maritime [...]

Security reading for May the Fourth

By | May 4th, 2017|Blog|

If you haven't come across it yet, the HP Enterprise blog ran an article back in February that is worth reading today, May the Fourth, also known as Star Wars Day. While not as important as an opening day, 5/4 is a great day to geek out a bit and enjoy an article that shows [...]

Protecting against insider threats

By | April 17th, 2017|Blog|

When it comes to securing your network against insider threats, security researchers recommend a "mini-max" policy -- minimize access where possible and then maximize monitoring of that access for unusual patterns. The goal is to not provide employees with an open door to the entire network by making access a privilege and not a right. [...]

Maintaining audit and compliance reporting

By | March 13th, 2017|Blog|

I read an article recently that was titled, "You broke the network. Do you confess?" And it made me think about the audit and compliance reporting of the Uplogix platform, because it kind of takes the fun out of the question. The author of the original post on Reddit's /r/networking asked: "Have you ever accidentally [...]