Home|Mariela Zechter

About Mariela Zechter

This author has not yet filled in any details.
So far Mariela Zechter has created 14 blog entries.

How The Defense in Depth Strategy Protects Organizations

Contrary to the promises of the various security appliance providers, there is no single solution in information security to defend against the various attack vectors available to threat actors (TAs). However, we recommend that businesses adopt Defense in Depth, a strategy of applying multiple layers of defensive mechanisms to better protect an organizations’ valuable

2022-10-10T20:06:43+00:00October 10th, 2022|Thought Leadership|

Microsoft Discloses Two New Active MS Exchange Zero-Day Bugs, No Immediate Fix

On Thursday, September 29th, Microsoft publicly disclosed two unpatched vulnerabilities impacting on-premises Microsoft Exchange servers that were capable of granting remote access to threat actors. These zero-day vulnerabilities have been identified as CVE-2022-41040, which is a Server-Side Request Forgery (SSRF) vulnerability, and CVE-2022-41082, which allows remote code execution (RCE) when PowerShell is accessible to the attacker.

2022-09-30T21:18:31+00:00September 30th, 2022|Thought Leadership|

Why Your Business Needs Next-Generation Antivirus

Improvements to cybersecurity practices top the to-do lists of many businesses these days, thanks to the ever-changing information technology (IT) security threat landscape. One of the most crucial investments an organization can make is replacing their traditional, or legacy, antivirus solutions with next-generation antivirus (NGAV). Combined with the proper

2022-06-27T16:57:40+00:00June 24th, 2022|Thought Leadership|

Microsoft to Disable Some Legacy Email Protocols

Microsoft recently announced that it will disable some of its legacy email authentication protocols later this year. This change will affect users with older phones or those with email setups using one of these protocols. Legacy, or basic, authentication allows users to connect to a mailbox using only a username and a password and

2022-06-14T22:06:11+00:00June 14th, 2022|Thought Leadership|

What You Need to Know About the Strengthening American Cybersecurity Act

In the wake of the Russian military invasion of Ukraine, fear of cyberwarfare has risen among the American public, many of whom still have the Colonial Pipeline ransomware attack fresh on their minds. In response, the U.S. government is seeking not only to address these events, but also to raise awareness and security compliance for

2022-04-27T22:07:58+00:00April 27th, 2022|Thought Leadership|

5 Practices to Put in Place Now to Protect Your Organization’s Network

As organizations of all sizes increasingly rely on technology to conduct business, the likelihood of threats and security issues arising also continues to grow. One of the most crucial things small and midsized businesses can do now to safeguard their networks is prevent unauthorized access. Once breached, potential problems become significantly more difficult

2022-04-26T17:53:28+00:00April 26th, 2022|Thought Leadership|

What the Recent Okta Compromise Could Mean for You and Your Business

Okta, a massively popular company which provides identity and access management (IAM) services to clients worldwide, was recently targeted by threat actor Lapsus$. The compromise of Okta and other providers of IAM services is highly sensitive and potentially far-reaching as Okta’s IAM services alone allow approximately 15,000 companies to securely log into multiple

2022-04-14T19:33:32+00:00April 14th, 2022|Thought Leadership|

Explaining Microsoft’s Price Increases, Terms Changes

Last fall, Microsoft announced price increases set to go into effect beginning March 1, 2022. The company also outlined additional important changes that will impact users’ subscription agreements. Monthly pricing per license will increase on the following 365 products: Microsoft 365 Business Basic from $5 to $6. Microsoft 365 Premium from $20 to

2022-02-15T16:27:20+00:00February 15th, 2022|Thought Leadership|

D.C. and Data Breaches: What You Need to Know

The ubiquity of concerted campaigns through phishing and various other methods of malware deployment have led to individuals, small and midsized businesses (SMBs), and the largest companies worldwide to deal with the brutal impact of a data breach on daily operations. This pervasiveness is understood to occur due to the low-risk, high-reward ecosystem in

2022-02-10T17:36:52+00:00February 10th, 2022|Thought Leadership|

The Dangers of Consent Phishing

Cyber incidents often rely on human engagement to enable malware. Despite deploying security controls on the user’s account, target environment, and device, additional emerging threats may occur which require both users and enterprise administrators to put safeguards in place to mitigate the impact. The purpose of this blog is to analyze and mitigate the

2022-02-14T23:51:54+00:00February 4th, 2022|Thought Leadership|
Go to Top