Blog

Log4J Exploit Easily leads to Remote Code Execution

Log4J Exploit Easily leads to Remote Code Execution

(Updated original post to account for the fourth CVE log4j vulnerability and latest update to 2.17.1) A reminder of the complex nature of technology systems. Code from third-party library open-source Apache Java tool has critical vulnerabilities and has required...
Love Them, or Leave your MSSP for the Right One

Love Them, or Leave your MSSP for the Right One

Some service providers forget that their business is about supporting clients and building long-term relationships. Not every relationship should continue if there are critical warning signs. Feeling locked in or trapped in a sub-par relationship is not something you...
Blocking Threats at the Endpoint

Blocking Threats at the Endpoint

      TECH LOCK provides managed security services, and we technically vet all the vendors we use in our portfolio. While there are several top-notch endpoint detection and response solutions, we partner with Fortinet to provide the technology behind a...
Prioritize Critical VPN Vulnerabilities

Prioritize Critical VPN Vulnerabilities

*Photo by schach100 from Pexels Alerts, especially from government sources, should be immediately escalated as critical vulnerabilities to remediate. VPNs are the digital doors to our organizations. They are continuously being tested by malicious and bad actors. A new...
Security for Survival vs. Strategic Security

Security for Survival vs. Strategic Security

*Photo by schach100 from Pexels The unfortunate state of where we are with cybersecurity can be attributed to the decisions we’ve made along the way. There are those who look at security in the most basic form and those who treat security as a strategic initiative...
SolarWinds Widening Risk

SolarWinds Widening Risk

    Take Action Now Disconnect or power down SolarWinds Orion products, versions 2019.4 through 2020.2.1 HF1, from their network. Treat all hosts monitored by the SolarWinds Orion monitoring software as compromised by threat actors and assume that advanced...