The Dataprise Blog

Cyber Attacks: Why the Food and Agriculture Sector Is Next

Oct 05, 2021 BY DATAPRISE
Want the latest IT insights? SUBSCRIBE

Dataprise

This is the default author for all Dataprise blog posts.

Vendor Risk Management Explained: Plan for Action

Click here to learn about setting your organization up to take a tailored approach to vendor risk management.
IT Consulting

Apache Web Server Path Traversal Vulnerability: Dataprise Defense Digest

Apache has issued a patch that addresses a zero day vulnerability in its HTTP web server project.
Information Security

Cyber Attacks: Why the Food and Agriculture Sector Is Next

Ransomware targeting the food and agriculture industry is unfortunately on the rise, with restaurants, large producers, and tiny farms all at risk. Click here to learn what people in this sector can do to protect themselves.
Information Security

4 Burning Questions on Business Continuity and Disaster Recovery

In this day and age, disaster has many forms, so it pays to be prepared. Click here to get a summary of our recent Business Continuity and Disaster Recovery webinar as two vCIO experts break down four pressing questions related to business continuity needs and disaster mitigation.
IT Fundamentals

A Little Cyber Hygiene Stops Big Problems

There are consistent steps your organization can take to prevent cyberattacks on your business. Learn what they are in this blog.
Information Security

Apple NSO Zero-Click Zero-Day: Dataprise Defense Digest

Citizen Lab discovered a zero-day zero-click exploit against Apple’s iMessage. Dubbed FORCEDENTRY, it’s a zero-day exploit that targets Apple’s image rendering library, and is effective against Apple iOS, MacOS and WatchOS devices. They’ve attributed the exploit to the Israeli cyber mercenary group, NSO Group, that is responsible for creating the Pegasus spyware used in numerous high profile exploitations of celebrity, politician, and world leader mobile devices.
Information Security

4 Common Cyber Insurance Coverage Exclusions & How Cyber Policies Can Close the Gaps

Cyber insurance is a must for companies today, but not all policies are created equal. Click here to learn more about the growing list of cybersecurity insurance coverage exclusions and what it means for your cyber protection.
Information Security

Microsoft MSHTML Remote Code Execution Vulnerability: Dataprise Defense Digest

A new vulnerability in MSHTML (Part of MS Office) is being actively exploited by malicious actors. This can enable malware execution through the MSHTML “web engine” functionality present in Office applications. The simplicity of opening a specially crafted MS Office document makes it ideal bait for phishing and spear-phishing attempts.
Information Security

User Credential Leak from 2019 Fortinet SSL-VPN Vulnerability: Dataprise Defense Digest

In 2019, FortiGate firewalls had a zero-day vulnerability that was exploited globally, allowing attackers to harvest user VPN credentials, usernames and passwords, remotely. This vulnerability has been addressed and patched by Fortinet in 2019, however, recently, a database of more than 87,000 FortiGate SSL VPN credentials harvested in 2019 has been leaked to the Internet. Researchers have noted that while some of the credentials will no longer work, there are some that still do.
Information Security

Why You Need Zero Trust Architecture in the Hybrid Workplace

Zero Trust Architecture is an end-to-end security strategy that provides your business with the ability to protect your most important data because you control access to it. Click here to learn the reasons why an organization should get started with implementing a Zero Trust architecture, and how it can go about doing so.
Information Security

Google Chrome Vulnerability (CVE-2021-30563): Dataprise Defense Digest

Google has issued a warning regarding a serious vulnerability in their Chrome browser (affecting Windows, Mac, and Linux) that could potentially allow a malicious actor to take full control over a machine. Google urges users to update their browsers immediately. Currently it’s estimated that about 2 billion Chrome browser installs are vulnerable.
Information Security

T-Mobile & AT&T Breaches: Dataprise Defense Digest

Two of the biggest wireless carriers in the US have been breached, resulting in millions of records of customer information being stolen and sold on the dark web. Besides the latent threat of identity theft, the repercussions of how this data could be misused could be disastrous on both a personal and a corporate level.
Information Security

Zoom to the Top: Law Firms Get an Edge With Hybrid Workplace IT Solutions

Despite the gradual shift back to the office from remote work, workers are demanding the flexibility to structure their days as they see fit. Click here to learn how the right IT services for lawyers can help your firm get ahead by getting the best talent.
Managed Services

3 Cyberattack Vectors & 6 Layers of Cyber Defense for Credit Unions

The average cost of a cyberattack in the financial industry is between $4 – $6 million, making it a profitable matter of interest for hackers all over the world. Click to learn about how attacks on financial institutions work and what can be done to mitigate them.
Information Security

CEO Advice: How to Prevent Cyber Attacks & Prepare for the Future

What is your organizations' cyber recovery strategy and cyber risk threshold? Click to learn more about cyber risk and how to prepare for the next cyber-attack.
Information Security

Microsoft Windows Server Exploit (PetitPotam): Dataprise Defense Digest

On July 23rd, French researcher Gilles Lionel (aka Topotam) revealed a new exploit technique called “PetitPotam” that modifies a previously discovered exploit in the Windows Print Spooler to allow attackers to exploit vulnerable Windows Servers without the Microsoft Print System Remote Protocol (MS-RPRN) API.
Information Security

Continuous Monitoring Cybersecurity: Benefits for Midmarket Businesses

Considering the opportunities for criminals these days, in-house 24x7 cybersecurity monitoring is no longer just an option for midmarket businesses. In this blog we’ll look at the risks created by low cybersecurity visibility and why working with an MSP might be your best possible solution.
Information Security

Linux Sequoia Kernel LPE Vulnerability: Dataprise Defense Digest

In an advisory released by Redhat (informed by researchers at Qualys), a vulnerability in the Linux kernel file system that allows attackers to gain root privileges has been disclosed.
Information Security

Microsoft Windows 10 VSS Vulnerability (#HiveNightmare): Dataprise Defense Digest

On July 20nd, The Carnegie Mellon University’s Software Engineering Institute published a note on a vulnerability (VU#506989) affecting windows 10 issued a warning about a critical vulnerability affecting Windows 10 build 1809 and above which can grant non-administrative users access to SAM, SYSTEM and SECURITY files.
Information Security

Microsoft Print Spooler LPE Vulnerability: Dataprise Defense Digest

In an advisory released by Microsoft on July 15th 2021 via their website, a new vulnerability related to Print Spooler service has been disclosed.
Information Security

Microsoft PowerShell 7 Remote Code Execution Vulnerability: Dataprise Defense Digest

Microsoft issued a warning about a critical .NET Core remote code execution vulnerability in PowerShell version 7. This is caused by the way text encoding is performed in .NET 5 and .NET Core.
Information Security

Hello Kitty Ransomware Attacks VMWare ESXI v.7.0: Dataprise Defense Digest

On July 17th 2021, a post was made to the website “Bleeping Computer” regarding a recent ransomware attack on VMWare ESXI version 7 servers. This ransomware group named “Hello Kitty” was responsible for the attack on the video game company “CD Projekt RED”, where they stole the source code for their games and uploaded them to their leak site.
Information Security

Preventing Remote Workforce Cybersecurity Threats for Hybrid Teams

With increased remote work comes a larger risk for cyber threats. Click to learn about protecting businesses with hybrid and remote workforce cybersecurity.
Information Security

Solarwinds Serv-U Zero-Day Vulnerability: Dataprise Defense Digest

In an advisory released by Solarwinds on July 9th 2021 via their website, they were notified by Microsoft about a critical security vulnerability that affects their Serv-U Managed File Transfer and Serv-U Secure FTP products. This vulnerability (CVE-2021-35211) allows Remote Code Execution (RCE) in the products mentioned above.
Information Security

Hybrid Collaboration & Analytics: Technology in the Hybrid Workforce

The past eighteen months have changed the workforce more drastically than ever. Click to learn about how the 'New Normal' for workplaces, and how organizations can prepare as this new paradigm takes place.
Business Intelligence

Kaseya Ransomware Attack Analysis: Dataprise Defense Digest

On July 2, 2021 Kaseya released an emergency communication via their website about a compromise of their VSA system being used to spread ransomware to client systems. Dataprise immediately shut down all on-premises Kaseya VSA servers and conducted a thorough investigation which determined that our VSA servers were not compromised.
Information Security

PrintNightmare Analysis: Dataprise Defense Digest

A serious Remote Code Execution (RCE) vulnerability has been identified in the Print Spooler service in Windows Operating Systems. Successful exploitation of this vulnerability can allow an authenticated attacker to execute code and gain SYSTEM privileges. This vulnerability can be mitigated by stopping and disabling the Print Spooler service in Windows, especially Domain Controllers.
Information Security

Benefits of Unified Communications Platforms for Cloud Business Ops

Legacy on-premise communication systems like landline phones create obstacles, especially for businesses looking to streamline operations and address the needs of the modern workforce. Click here to learn about the advantages of a unified communication solution.
Telecommunications

Dataprise PROUDLY Supports These Incredible LGBTQ+ Organizations

At Dataprise we believe diversity makes us stronger and we are proud to be celebrating our LGBTQ+ Prisers throughout Pride Month (and beyond!). Click here to learn about six organization we’re supporting whose great work is critical to forward progress.
Corporate Culture

3 Ways Managed UCaaS Enables a Hybrid Workforce

As organizations begin planning the return to office, a key challenge many are facing is how to best support the new normal of a hybrid workforce. Click to learn about how a UCaaS solution offers efficient communication, collaboration, and mobility for hybrid workforces.
Telecommunications

Key Webinar Takeaways: Ransomware 2.0

Ransomware 2.0 is devastating businesses across all industries. This blog post breaks down the most common infection vectors and covers tips on remediation and post-incident communication.
Information Security

Mission-Driven Organizations: Optimize Your IT Budget

Does your mission-driven organization's IT services align with your budget? Click here to learn how to properly manage expenses for your organization.
IT Consulting

The 10 Weakest Links in Cyber Security: Top Cyber Security Issues

Closing security gaps is critical to keeping your environment safe. Click here to learn about 10 common cybersecurity weaknesses and how to address them.
Information Security

5 Controls to Manage an IT Service Transition

The transition from one IT service provider to another can be a challenge. Click to learn about five proven principles based on ITIL®’s methodology that will help your organization maximize success during an IT service transition.
Managed Service Provider

Internal IT Threats: How to Protect Your Business

When we think of modern IT cyber security threats, we often think of a distant hacker probing for security vulnerability gaps in our network, but we may not consider the threat down the hall or on the other side of a virtual meeting. Successful internal attacks are extremely damaging but implementing security best practices can help protect your environment.
IT Fundamentals

Healthcare IT Professional Services: 3 Steps to Improve Healthcare IT

Investing in patient care and an optimized healthcare environment calls for an investment in your technology. This blog addresses three steps you can take to gain insight into the essential technology functions that keep your organization running.
Managed Services

Key Webinar Takeaways: 4 Hidden IT Risks

In this blog we break down risks your organization may face due to aging IT infrastructures and provide actionable measures you can take to overcome them.
IT Fundamentals

Managed IT Services for Financial Institutions: 3 Areas to Gain a Competitive Advantage

Learn about how the right technologies can give your financial institution a significant advantage over your competition.
IT Fundamentals

Securing the Perimeter in a Remote Work World

Learn how to defend your systems and data using perimeter defense security in today's remote work environment.
Information Security

Infrastructure-as-a-Service: Benefits of IaaS Cloud Computing

The benefits of IaaS provide businesses on-demand virtual services such as networking, storage, and hardware. Click here to learn more in our blog.
Cloud

IT's the Job: Corey

IT's the Job employee profile: meet Corey, a Senior Service Desk Engineer.
Talent Acquisition