Cisco Firewall Zero-Day Exploited by Interlock Ransomware Weeks Before Patch

• Post author:Pocholo Legaspi
• Post published:March 23, 2026
• Post category:Blogs

CVE-2026-20131 gave Interlock unauthenticated root access to Cisco FMC systems. The group had been exploiting it for 36 days before Cisco published a patch.

Continue ReadingCisco Firewall Zero-Day Exploited by Interlock Ransomware Weeks Before Patch

What Should Be in Your Incident Response Plan?

• Post author:Pocholo Legaspi
• Post published:March 18, 2026
• Post category:Blogs

A solid incident response plan is built before you need it. Here's what yours should include, from CSIRT roles to communication templates and tabletop testing.

Continue ReadingWhat Should Be in Your Incident Response Plan?

How to Secure OT/IT Convergence Without Slowing Down Production

• Post author:Pocholo Legaspi
• Post published:March 16, 2026
• Post category:Blogs

Manufacturers struggle to secure OT without disrupting operations. Security controls that risk downtime face pushback from teams running production equipment.

Continue ReadingHow to Secure OT/IT Convergence Without Slowing Down Production

Why Least Privilege Is Harder (And More Important) for MSPs

• Post author:Pocholo Legaspi
• Post published:March 13, 2026
• Post category:Blogs

Third-party involvement in breaches doubled to 30% in 2025. MSPs are high-value targets where one compromised technician exposes all client environments.

Continue ReadingWhy Least Privilege Is Harder (And More Important) for MSPs

OpenClaw Went from Viral AI Agent to Security Crisis in Just Three Weeks

• Post author:Pocholo Legaspi
• Post published:March 10, 2026
• Post category:Blogs

Over 135,000 OpenClaw instances were publicly exposed with zero authentication. A supply chain attack planted 341 malicious skills in the ClawHub marketplace.

Continue ReadingOpenClaw Went from Viral AI Agent to Security Crisis in Just Three Weeks

Compliant but Still Breached: Why Security Doesn’t Stop at the Audit

• Post author:Pocholo Legaspi
• Post published:March 4, 2026
• Post category:Blogs

PCI compliance alone isn't a risk management strategy. Target's breach showed the gap between passing audits and maintaining effective security controls daily.

Continue ReadingCompliant but Still Breached: Why Security Doesn’t Stop at the Audit

Remote Access Security Through a Zero Trust Lens

• Post author:Pocholo Legaspi
• Post published:February 25, 2026
• Post category:Blogs

Zero Trust principles change how remote access works. MFA per session, approval workflows, and automatic termination reduce the impact of credential compromise.

Continue ReadingRemote Access Security Through a Zero Trust Lens

France’s National Bank Account Database Breached: 1.2 Million Accounts Exposed

• Post author:Pocholo Legaspi
• Post published:February 23, 2026
• Post category:Blogs

Stolen credentials gave hackers access to France's national bank account database, exposing 1.2 million accounts and enabling potential fraud.

Continue ReadingFrance’s National Bank Account Database Breached: 1.2 Million Accounts Exposed

Admin By Request Heads to Gartner IAM Summit London

• Post author:Pocholo Legaspi
• Post published:February 19, 2026
• Post category:Blogs

Meet Admin By Request at Gartner IAM Summit London, March 9-10. Paul Fisher speaks on Identity at the Core, Privilege at the Edge on March 10 at 11:15 AM.

Continue ReadingAdmin By Request Heads to Gartner IAM Summit London

What’s New in Admin By Request for macOS 5.2

• Post author:Pocholo Legaspi
• Post published:February 17, 2026
• Post category:Blogs

Admin By Request for macOS 5.2 adds Secure Remote Access and Okta authentication. Unattended access and remote support now work across all platforms.

Continue ReadingWhat’s New in Admin By Request for macOS 5.2