Addresses the cybersecurity challenges that arise when employees work outside traditional office environments. Articles cover secure network access, endpoint protection, device management policies, and strategies to reduce the attack surface of distributed teams.
posts
The SolarWinds Breach Just Proved Your Perimeter Is Dead As I write this in December 2020, we're watching one of the most devastating supply chain attacks in history unfold. The SolarWinds breach — disclosed just days ago — compromised U.S. government agencies and major corporations by exploiting trusted software
In April 2020, the FBI's Internet Crime Complaint Center reported it was receiving between 3,000 and 4,000 cybersecurity complaints per day — a roughly 400% increase from pre-pandemic levels. The single biggest catalyst? Millions of employees suddenly working from home on networks and devices that no corporate
In early 2024, Ivanti disclosed critical vulnerabilities in its Connect Secure VPN that were already being actively exploited by threat actors — including nation-state groups. CISA issued an emergency directive ordering federal agencies to disconnect affected devices within 48 hours. It was a brutal reminder: a VPN isn't a
In early 2024, a finance employee at a multinational firm in Hong Kong joined a video call with what appeared to be the company's CFO and several colleagues. Every person on the call was a deepfake. The employee transferred $25.6 million to threat actors before anyone realized
In 2023, a single remote employee at a major casino operator received a phone call from someone claiming to be IT support. That social engineering attack — a vishing call lasting roughly ten minutes — gave threat actors the foothold they needed to deploy ransomware across MGM Resorts' entire network, causing
The Ivanti Breach Changed How I Think About VPNs In early 2024, CISA issued an emergency directive after threat actors exploited vulnerabilities in Ivanti Connect Secure VPN appliances to infiltrate multiple federal agencies. The attackers didn't brute-force passwords. They didn't trick users with phishing emails. They
