https://microsegment.io/categories/article/ Recent content in Article on microsegment.io Hugo en-us Wed, 08 Apr 2026 00:00:00 +0000 https://microsegment.io/post/2026-04-08-management-consoles-keys-to-the-kingdom/ Wed, 08 Apr 2026 00:00:00 +0000 https://microsegment.io/post/2026-04-08-management-consoles-keys-to-the-kingdom/ <h2 id="the-wrong-thing-is-still-trusted">The Wrong Thing Is Still Trusted</h2> <p>Defenders keep hardening endpoints, tuning detections, and buying more visibility.</p> <p>Meanwhile, attackers keep going after the systems that already have permission to touch everything.</p> <p>That is the real problem with management consoles.</p> <p>When a laptop gets compromised, you have an incident.</p> <p>When a management console gets compromised, you may have a change-control problem, an identity problem, a visibility problem, and a lateral movement problem all at once.</p> https://microsegment.io/post/2026-03-31-hard-truths-2-patching-whack-a-mole/ Tue, 31 Mar 2026 00:00:00 +0000 https://microsegment.io/post/2026-03-31-hard-truths-2-patching-whack-a-mole/ <h2 id="the-math-nobody-wants-to-do">The Math Nobody Wants to Do</h2> <p>March Patch Tuesday: 84 vulnerabilities. Including two zero-days already under active exploitation.</p> <p>February: APT28 was exploiting CVE-2026-21513 in MSHTML <strong>before the patch even shipped</strong>. A Russian state-sponsored group had your number before Microsoft did. <a href="https://thehackernews.com/2026/03/apt28-tied-to-cve-2026-21513-mshtml-0.html">Source</a></p> <p>Every month, the same ritual plays out across enterprise IT:</p> <ol> <li>Vendor drops patches</li> <li>Security team triages</li> <li>Testing begins</li> <li>Change advisory boards convene</li> <li>Deployment rolls out in waves</li> <li>Stragglers get chased down</li> <li>Next Patch Tuesday arrives</li> </ol> <p>Repeat forever.</p> https://microsegment.io/post/2026-03-26-hard-truths-1-security-tools-attack-surface/ Thu, 26 Mar 2026 00:00:00 +0000 https://microsegment.io/post/2026-03-26-hard-truths-1-security-tools-attack-surface/ <h2 id="the-pattern-nobody-wants-to-see">The Pattern Nobody Wants to See</h2> <p>This month alone, four major security vendors had their management infrastructure turned into attack vectors. Not the endpoints they protect. The management consoles that control them.</p> <p>Let that sink in.</p> <h3 id="the-incidents">The Incidents</h3> <p><strong>Cisco Secure Firewall Management Center</strong> - CVE-2026-20131, CVSS 10.0. Unauthenticated remote code execution as root. The Interlock ransomware group exploited this as a zero-day for <strong>36 days</strong> before Cisco even disclosed it. Amazon&rsquo;s threat intelligence team caught them exploiting it since January 26. The attackers had custom RATs, recon scripts, proxy infrastructure - the full playbook. All through a firewall management console.</p> https://microsegment.io/post/2019-09-16-microservices-and-microsegmentation/ Mon, 16 Sep 2019 00:00:00 +0000 https://microsegment.io/post/2019-09-16-microservices-and-microsegmentation/ <blockquote> <p>The thing to remember is that just because dev has decided to leverage microservices does not in turn mean that the network somehow magically becomes microsegmented or that if microsegmentation is used to optimize the network service architecture that suddenly apps become microservices. Microsegmentation can be used to logically isolate monolithic applications as easily as it can microservices.</p> </blockquote> <p><a href="https://dzone.com/articles/microservices-versus-microsegmentation">Article from DZone</a></p> <p>&ldquo;Micro is big these days&rdquo; - The below statement is from an article showing the similarities and differences between microservices and microsegmentation. Of course we all know the differences, but we might have never thought about the similarities between the two approaches.</p>