As news of the SolarWinds Orion security breach continues to develop, the Ascend Technologies security team is closely monitoring updates and evaluating the impact on organizations like yours. This feed will be updated frequently with breaking news and expert insights directly from our Security Operations Centers (SOCs).
Quick how-to guide to using Salesforce Inspector
In a previous post, I had introduced a favorite tool of mine called Salesforce Inspector. In this post, I’d like to dig into this tool a little deeper. I will share some of the specific ways it’s helped me save time (and hopefully will help you too!)
As a new wave of malware-focused phishing attacks gain popularity, our expert security engineers are on the frontlines. Here's what you need to know.
Plugins for Awesome Salesforce Admins
As a Salesforce admin for a managed services provider, I’m always on the lookout for tools that will make me more efficient at what I do. Over the past several years, both as a Salesforce admin as well as previous experience in other tech roles, I’ve found Chrome plugins are constantly being created to make my life easier. I’d like to share a few of my...
Accelerated Roll Out Timeline
Like many organizations, we had some eye opening moments as we migrated from Skype to Microsoft Teams. With Skype end of life coming in July of 2021, we knew we needed to make the move. However, the pandemic forced us to accelerate our adoption timelines.
There was a time, years ago, when I wasn’t just the highly capable security practitioner you see before you. I was also a Soldier. I wore a uniform for 22 years altogether, most of the time as an Infantryman in my state’s National Guard.
March, 2020 — We recently had a Malicious Operation (Malop) pop up for one of our MSP Partners' small business clients and it turned out to be a true hit, with malicious PowerShell on a couple of hosts with RDP (port 3389) open to the internet. Our Malware Prevention thankfully blocked the malicious payloads, but something was still going on that needed to be tracked down and remediated.
Is your organization prepared to work from home due to the Coronavirus? Not just prepared for the change, but structurally prepared? Is your network designed to protect against the risks?
For offices around the world, the possibility of having to send employees home indefinitely as the virus spreads is becoming very real. If your organization hasn’t needed work-from-home policies in place...
Advanced attacks are out there.
Advanced malware threats are hiding in software applications many of us use daily and trust. So much so that legitimate software can be difficult to distinguish. New attack vectors are continuously being discovered and attackers are finding back doors onto your device to gather you or your company’s information.
Over the last 2 years, our team has been researching a number of platforms, frameworks, trainings, and various definitions of Endpoint Detection & Response (EDR) technology. And of course, the newest hot buzzword in cybersecurity: “Threat Hunting.” After all this research, we have a team put together and have partnered with a platform we believe in, allowing us to be able to offer this...
You know how the story goes...
Two guys are out hiking in the forest when they notice that a bear begins charging at them. One of the guys pulls off his heavy hiking boots and begins tying on a pair of running shoes.
Ignore security at your own and your customers’ peril.
Recently there was a post on r/sysadmin from a network administrator who had a client system hacked because he left their iLO card facing the internet…
In the past 48 hours, security operators have seen a new ‘sextortion’ message begin popping up in client inboxes almost everywhere.
The most frightening part of this message is that it lists a password either in the subject line or the first sentence.
Over the last couple of weeks, we’ve noticed an uptick in phishing emails that are using fake DocuSign sites to attempt to steal credentials to user email accounts.