The importance of penetration testing and vulnerability scanning are frequently confused for the same service. Business owners often purchase one when they really need the other, but each are important on their respective levels. Our team of security experts are diving into the differences and how they should fit into your organization's security practices.

The Department of Defense is implementing the Cybersecurity Maturity Model Certification (CMMC) to regulate cybersecurity preparedness across the federal government’s defense industrial base (DIB). Below, we will review the CMMC certification, the DIB, CMMC levels, and how Cyber Advisors is available to prepare you for this critical certification.

Cyber Advisors is an approved Registered Provider Organization (RPO). The RPOs and RPs in the CMMC ecosystem provide advice, consulting, and recommendations to clients to help you navigate the CMMC. Cyber Advisors helps prepare our customers for CMMC readiness but does not conduct Certified CMMC assessments ourselves. Please find our profile below: https://cmmcab.org/marketplace/cyber-advisors-inc/

Cisco Breach

Summary – A recent vulnerability (CVE-2021-1459) found in the web-based management interface of Cisco will have a large impact to small business routers. The vulnerability allows an unauthenticated, remote attacker to execute code on an affected appliance.

Cisco will not have a plan to fix the critical vulnerability, and instead will urge customers to replace the devices. The affected devices are RV110W VPN firewall and Small Business RV130, RV130W, and RV215W routers.

After a recent Fortinet breach, it is critical to understand the approach your organization needs to take to remediate. A successful exploit could allow the attacker to access critical information.

Fortinet Breach

Summary – European companies’ Fortinet VPN devices have been targeted in more recent attacks. In the most recent attacks, a production site was taken down. The attacks happened in the first quarter of 2021.

On April 6^th, 2021, a reported 500+ million LinkedIn accounts were leaked online. The accounts include email addresses, phone numbers, and links to other social media profiles. Information found in LinkedIn can be used to build a profile for their future victims. With LinkedIn’s recent breach, and the other recent social media (e.g., Facebook 533 million profiles) breaches, it is important to utilize a unique password for each site you visit in order to minimize your complete data from being exposed in the dark web.