Defense in depth

More than ever, infrastructure security is at risk and measures should be put in place so as to prevent or react in the … “unlikely event of a loss of cabin pressure”? “the most-likely event of a network security breach!” None of the above Well, those of you that chose “B” guessed (or even better,…

WordPress 5 major pending changes

On August 28th, 00:45 GMT+2 a major attack on WordPress websites was carried out. Many WordPress sites had their admin account renamed. We managed to block the attack on its early beginning and monitor the procedure carried out using honeypots. An upgrade to all WordPress sites to latest version 5.5 hosted on our datacenters was…

Steganography as a weapon in credit card frauds

As Wikipedia states: Steganography (/ˌstɛɡəˈnɒɡrəfi/ STEG-ə-NOG-rə-fee) is the practice of concealing a file, message, image, or video within another file, message, image, or video. The word steganography comes from Greek steganographia, which combines the words steganós (στεγανός), meaning “covered or concealed”, and -graphia (γραφή) meaning “writing”. Ancient Greek leader Histiaeus used this practice back in…

When Protocols outpace Chipsets, the Ricoh MPC 2050 case

It is a recurring phenomenon, in the IoT era, for network devices to be required to send emails and have access to SMTP functionality. Thus, most device manufacturers attempt to follow through and implement the contemporary security protocols while designing and when firmware patching is possible. However, only so much can be done by firmware…

Network connection (domain profile) domain connection shows as “unauthenticated”

We experience inability to access local owa site, from time to time accessing domain file resources was experiencing outage. Among a lot articles/blog posts we followed the article https://serverfault.com/questions/413052/domain-connection-shows-as-unauthenticated Overall, we thoroughly tested: DHCP leases and reservations on DC (running the dhcp role), no multiple entries for the offending workstations Remove from Domain and join…

Hit by ransomware, who gets blamed?

If a business gets hit by ransomware and loses its critical financial data or customer information, who gets blamed? With businesses facing more cyberattacks than ever, managed service providers (MSPs) are expected to deliver a basic level of security protection to their customers. While “basic” at one time may have meant antivirus software, today that…