As I am sure most of you are aware Apache released information in December concerning a vulnerability in their Log4j module.  Apache’s Log4j (log for java) software library affects versions 2.0-beta9 to 2.14.1, known as “Log4Shell.” Resolution of the issue requires patching to the current version, 2.17.1 (Java 8), 2.12.4 (Java 7) or 2.3.2 (Java…

Read More

It is a wonderful and joyful time of the year, but unfortunately, it’s also a busy time for cybercriminals to take advantage of you.  The National Retail Federation (and IP Services!) would remind you of these simple precautions: Keep a clean machine – make sure whatever device you use for online shopping has the latest…

Read More
Ransomware picture

According to a recent article in the Institutional Asset Manager Newsletter, the financial sector was one of the most targeted by cybercriminals in 2020 during the Covid-19 pandemic at a time when rapid shifts in working practices left organizations vulnerable. In the first emergency phase of the pandemic in Q2 2020, ransomware attacks on financial organizations…

Read More

Shadow IT while always problematic for IT Departments has recently resurfaced as a real and present threat and risk to an organization and in particular, has become a focal area during FDIC examinations.     So, what does Shadow IT mean? Shadow IT (a.k.a., “unauthorized technology,” “unauthorized assets,” “unauthorized devices,” etc.) has created quite a name…

Read More
WFA Cybersecurity

Shifting operations to a work from home (WFH) model introduces new cybersecurity considerations to your company/organization. Use this checklist to get ahead—and stay ahead—of new risks. Instigate a cybersecurity health checkup during and after the shift to WFH. Review all cybersecurity controls to identify gaps, prioritize, and remediate accordingly. Update your Technology & Data Use…

Read More