Cybersecurity Blog

Network Security

  • Critical Vulnerabilities Found on Exchange Server 2019, 2016, and 2013

    Microsoft released several security updates for Microsoft Exchange Server to address vulnerabilities that have already been used in limited targeted attacks. Due to the critical nature of these vulnerabilities, it is recommended that customers apply the updates to affected systems immediately to protect against these exploits and to prevent future abuse across the ecosystem.

    Read More

  • Thoughts on SolarWinds Incident for FedGov

    The Information Technology community is in the midst of one of the most far-reaching cybersecurity failures in history. The supply chain for SolarWinds updates provided an opportunity for attackers to gain entrance into a broad customer base without directly attacking fortified defenses. The next steps for potential victims include recognition of the breach, remediation of the affected network assets, and recovery. Recovery would be achieved to a level of assurance for confidence, integrity, and availability of an organization’s data and operations.

    Read More

  • ManageEngine ServiceDesk Plus Password Extraction

    In a recent internal penetration test performed for one of our clients, we were able to compromise their network by chaining vulnerabilities together that allowed us to acquire domain administrator credentials.

    Read More

  • Increase in Cyber Attacks on K-12 Schools in Remote Environment

    K-12 schools continues to be a target for cyber attacks. Cybersecurity & Infrastructure Security Agency (CISA) shared an alert regarding the increase in attack due to the remote work environment and some mitigations to reduce your risk.

    Read More

  • SolarWinds Orion Vulnerability

    SolarWinds, a popular software company used by organizations big and small, was the target of an advanced cyber attack that allowed fraudsters to implant a backdoor in one of their popular software products.

    Read More

  • To Pay or Not Pay the Ransom

    There has been an increase in ransomware demands since COVID and this sometimes encourage future ransomware payment demands. This could result in sanctions.

    Read More

  • Think! Before You Click The Link.

    Statistics show that over 90% of cyber-attacks are a result of successful email phishing campaigns.

    Read More

Subscribe to Blog   

Protecting your data from cyber threats starts with confidentiality, integrity, and availability. CLA’s cybersecurity team understands the threats you face — and how to help keep your organization safe. Check back often to learn about risks, trends, IT security attack and defense, and mitigation and response techniques.