If you are running Unix in your environment, there is a fair chance that this vulnerability could affect you. Please patch for this one as soon as possible. Read more here: https://arstechnica.com/information-technology/2018/03/code-execution-flaw-in-exim-imperils-400k-machines-have-you-patched/
Read MoreIt is now becoming something we see – 1Tbps DDoS attacks – there have been two in the past week. It is almost unimaginable that an enterprise of any size could stand up to this on their own, but with the right toolsets and assistance, it is possible. Interestingly, these attacks are taking a new […]
Read MoreFor years, there has been a debate in the infrastructure world – is hardware segmentation the most effective method to protect from attacks, or does it have little effect, and can multi-tenant environments be just as effective? We at White Raven believe that they key is in trusts, not the hardware itself, and it would […]
Read MoreAccording to CyberArk’s latest findings, nearly half of the companies out there are not evolving once they put an InfoSec program into place – leaving them wide-open as attackers look for new ways to get in. Read more here: 46 Percent of Organizations Fail to Change Security Strategy After a Cyber Attack
Read MoreThe SEC is now demanding more information about breaches and known risks in companies, according to their newest guidance. They are also stating that stock trading is forbidden for companies executives with known vulnerabilities in their organization. This is pretty big move, and could signal a move toward government-mandated compliance, similar to PCI/HIPAA/SOX, etc. […]
Read MoreIts no secret that cybersecurity is on everyone’s mind. Most companies are waking up to the stark truth that they need to hire staff to keep their data safe, but did you realize just how many open jobs there are for these positions? While you are looking to staff, the bad guys aren’t sleeping, so […]
Read MoreReleased Tuesday: The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified Trojan malware variants—referred to as HARDRAIN and BADCALL—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. NCCIC/US-CERT encourages users and administrators to review the HIDDEN […]
Read MoreYears ago, I had a neighbor who left his network open, and I would randomly fire off a script that would simultaneously access his floppy drives from multiple computers, creating a similar effect to this vulnerability – but my floppy drive attack would lock up the whole machine by using all the I/O the device […]
Read MoreIf you still think that security can be something that you “get to as soon as…”, then you may already be in trouble. Too many companies pay little attention to the risk potential until it is too late, and the bad guys are well aware of it. Security is something that must be baked into […]
Read MoreToo often, we at White Raven have spoken to our peers in the industry who have complained about the sticker shock of moving to the cloud. Matthew Shooshtari has written an article discussing this phenomenon, and we wanted to expand ever so slightly on it. As a long-term infrastructure manager, it bears (in my opinion) […]
Read More