Information Security

Gigamon Bolsters Deal Registration, Rebates In New Partner Program

by Michael Novinson
The Catalyst Channel Program will help Gigamon expand its partner community from predominantly network infrastructure partners to include more solution providers with security and cloud expertise.
PCM Finds No Sign Of Client Impact In Campaign Tied To Wipro Hack

by Michael Novinson
PCM said it hasn’t found any forensic evidence indicating the company’s network systems were breached by the phishing campaign that compromised Wipro and other IT service providers.
Slalom Consulting Thwarts Phishing Campaign That Led To Wipro Breach

by Michael Novinson
Slalom said it detected and prevented phishing attack activity through a combination of advanced security monitoring, security awareness training, and threat intelligence automation.
CRN Distribution Roundtable: Solving The Perennial Security Problem

by Joseph F. Kovar
Distributors are helping solution providers develop their security practices by identifying coming trends to vetting a host of established and up-and-coming vendors, all with an eye on an industry growing at double digits.
Avanade, Capgemini Also Hit In Campaign Tied To Wipro Hackers

by Michael Novinson
The cybercriminals that compromised dozens of Wipro employees were also able to breach IT service provider giants Avanade and Capgemini. PCM and Slalom are refusing to comment on if they were victims as well.
Product Exec: Wipro Breach Appears To Be 'Legitimate Use' Of ConnectWise Control

by Michael Novinson
ConnectWise Chief Product Officer Jeff Bishop says the KrebsOnSecurity report about the Wipro breach doesn’t seem to indicate that the ConnectWise Control product was hacked or accessed improperly.
Wipro Hackers Also Went After Seven Other Solution Provider Giants: Report

by Michael Novinson
The threat actors responsible for launching a successful phishing campaign against Wipro in March also appear to have targeted Avanade, Capgemini, Cognizant, Infosys, PCM, Rackspace and Slalom, according to KrebsOnSecurity.
Sophos Cyber Threat Report: Sophos 2019 Threat Report & Cybersecurity Trends

by Aaron Nobil
Find out the biggest takeaways from the SophosLabs 2019 Threat Report and what steps solution providers should take to protect themselves.
Cisco Security Alert Urges Patch Of Critical Router Flaw

by Gina Narcisi
Cisco is urging users of its ASR 9000 Series Aggregation Services Routers to install a patch to address a critical flaw that could result in a denial of service attack or remote unauthenticated access to the device.
Wipro Hack Snags At Least 23 Workers, Breached Systems Still Being Found: Report

by Michael Novinson
The adversaries were believed to be using ConnectWise Control on the hacked systems to connect remotely to Wipro client systems, which were then used to obtain further access into Wipro customer networks, KrebsOnSecurity reported.
Cisco: Our VPN Storage Method Doesn't Cause 'Unwarranted Exposure'

by Michael Novinson
Cisco this week acknowledged that its VPN application stores session cookies within system memory, but said the exposure associated with this activity isn't 'unwarranted.'
Fighting Back: MSP Customers Get More Security-Savvy

by Michael Novinson
“Third-party risk management is going to become one of the basics businesses have to succeed at,” said Mathew Newfield, chief information security officer at Unisys.
Wipro Breached, Used As Launching Point For Customer Attacks: Report

by Michael Novinson
Wipro has been dealing with a multi-month intrusion from a state-sponsored hacker, and had its systems used as a jumping off point for attacks targeting at least a dozen client systems, according to a KrebsOnSecurity report.
Fortinet To Pay $545K To Settle Claim That Ex-Employee Defrauded Feds

by Michael Novinson
For more than seven years, a now-terminated Fortinet employee directed employees and contractors to alter certain product labels to obscure the country of origin, according to a settlement agreement.
Cisco, Palo Alto Networks Among Those Impacted By VPN App Flaw: Researchers

by Michael Novinson
Carnegie Mellon’s vulnerability disclosure center found that VPN apps built by Cisco, Palo Alto Networks, F5 Networks and Pulse Secure insecurely store authentication tokens and session cookies in memory or log files. Cisco disputes the finding.