The FireEye breach on Dec 8, 2020, was executed by a “nation with top-tier offensive capabilities.” These hackers got a hold of FireEye’s own toolkit, which they can use to mount new attacks globally. What does this mean for you? Mandiant is a leading Red Team/Penetration Testing company with a highly sophisticated toolkit, called the "Red Team tools." These are digital tools that replicate some of the best hacking tools in the world.

One of the lasting changes brought about by the COVID-19 pandemic is that it forced organizations to rethink the concept of a workspace. As remote work became inevitable, IT teams had to enable the secure transition to remote work almost overnight. Opening up offices, on the contrary, will likely be executed in planned phases. A United States Department of State advisory recommends that workforces return to an office in three phases, with the employees most at risk coming in at a later stage.

As companies adopt container technologies, they face a significant challenge - how do we secure this new attack surface? It’s an issue that you often see backlogged in favor of solving storage, networking and monitoring issues. Add on the challenge of educating the workforce on one of the fastest-growing open source projects to date, and it’s no wonder security has lagged as the primary focus for teams.

Cloud environments are always susceptible to security issues. A significant contributor to this problem is misconfigured resources. Traditional IT Infrastructure was somewhat static; server hardware only changed every few years. With few changes occurring, security was also more static. The modern cloud environment is a much different challenge. In cloud environments, servers, services, and storage are created with automation, resulting in a dynamic and potentially ever-changing server environment.

On December 13, SolarWinds released a security advisory regarding a successful supply-chain attack on the Orion management platform. The attack affects Orion versions 2019.4 HF 5 through 2020.2.1, software products released between March and June of 2020. Likewise, on December 13, FireEye released information about a global campaign involving SolarWinds supply-chain compromise that affected some versions of Orion software.

Managed service providers (MSPs) face ransomware, malware, and other cyber attacks — and these issues can affect both MSPs and their clients. To understand the full impact of an MSP cyber attack, let’s examine the topic in more detail. Businesses use MSPs to manage IT infrastructure and other resources. In doing so, businesses outsource the maintenance and care of applications, networks, security, and other aspects of their IT operations to a third-party.

We’re happy to announce that we’ve successfully completed PCI (Payment Card Industry Data Security Standard) Service Provider Certification. This means that at Logit.io we are committed to the security of storing, processing and transmitting credit card transactions.