Microsoft’s Important Update On MFA & SSPR Settings Change
Today we want to bring your attention to an important update from Microsoft regarding their authentication methods for Multi-Factor Authentication (MFA) and Self Service Password Reset (SSPR). As technology continues to evolve, ensuring the security of your organization’s sensitive data becomes increasingly crucial. Microsoft has recently announced a strategic shift away from legacy authentication methods and is introducing a new, significantly more secure platform for authentication. This change is set…
Continued
The 5 Most Important Questions to Ask your SIEM Provider & When You Should Probably Re-Evaluate Your Current Solution
First Things First: What is a SIEM? A SIEM (Security Information and Event Management) is a software solution that collects and analyzes security data from multiple sources in real-time to detect and respond to security threats. It aggregates and correlates logs and alerts generated from different sources, such as network devices, servers, and applications, and uses machine learning algorithms to identify patterns of suspicious behavior or anomalies. SIEMs also provide…
Continued
Stop Relying on NIST 800-171 Self-Assessments: 5 Reasons They’re (Probably) Wasting Your Time
As a CMMC Registered Practitioner Organization (RPO) with decades of cybersecurity experience, we have conducted countless assessments for organizations to help them address their compliance obligations and consistently notice that the vast majority of the organizations that have conducted self-assessments are strikingly off mark, leading to frustration, considerable time loss, and the unnecessary expenditure of valuable resources. While self-assessments may seem like a cost-effective way to evaluate compliance with the…
Continued
Security Risk: .Mov and .Zip domains can lead to malware
We want to bring your attention to a concerning development involving the use of new top-level domains (TLDs) introduced by Google. Specifically, threat actors are leveraging TLDs such as .mov and .zip to target organizations, posing a significant security risk. The Deceptive Nature of .mov and .zip Domains: The primary concern lies in the fact that .mov and .zip are widely recognized file extensions for internet-shared files. Exploiting this familiarity,…
Continued
Traveling for Memorial Day? 5 Cybersecurity Tips to Keep You & Your Family Safe this Summer!
Traveling for Memorial Day? 5 Cybersecurity Tips to Keep You & Your Family Safe this Summer! Cybersecurity is a crucial aspect of our lives that we cannot afford to neglect especially when our guard is down on vacation! While vacations are meant to be a time to relax and unwind, they can also present opportunities for cyber criminals to exploit our vulnerabilities. In this article, we will provide you with…
Continued
Protect Your Systems from CVE-2023-23397: A Critical Vulnerability in Outlook
Earlier this week, our TSI Managed Services team addressed a critical vulnerability (CVE-2023-23397) impacting Outlook for our clients. Learn more about the vulnerability and how to protect your systems below. What is CVE-2023-23397 – the CVE impacting Outlook? Microsoft disclosed a critical vulnerability to Outlook called CVE-2023-23397 on March 14 as part of the March Patch Tuesday fixes. This vulnerability is considered a significant threat, with a rating of 9.8…
Continued
Cyber Security Policy Starter Kit:
10 Critical Policies That Every Company Should Have in Place
