Security is more important than ever. Cybersecurity has been a problem from the start of IT and it will be till the end. It all started with endpoint and network security, but today, we are also facing with cloudsecurity and managing employees to incorporate good security practices.
All these new technologies that help us innovate also helps cybercriminals and state sponsored hackers to get new tools they can use to get access to our systems, and in a worst case scenario, access to our most valuable data and business secrets. Also, with new legislation in place like GDPR, you need to make sure everything is secure, otherwise you just don’t lose your reputation, but you can also be fined by the government. Protecting IT-environments is more important than ever.
Your first line of defense is usually endpoint protection. The devices your employees work with need to be protected against ransomware and other malware which can bring lots and lots of trouble. This nowadays the most basic form of protection and many of the bigger vendors and suites can help you achieve this.
Network security is a bit more advanced, where you can manage which traffic goes across your network. You can also connect different networks together with e.g. SD-WAN. So, you can run protection software and share data between multiple locations. The trend we see in network protection on the datacenter side is to lock down the traffic by only allowing known, benevolent traffic sources. Regarding office networking, we see new initiatives like ZScaler coming up, where you tunnel all your staff over the network of ZScaler so they can analyse the traffic and block patterns that they marked as malicious. Especially for companies with employees that travel a lot, this is a smart solution.
Many thought that bringing workloads to the cloud would reduce their responsibility of doing security. It is now clear that this is not the case. Most cloud vendors practice the “shared responsibility” approach. This means that big hyperscalers can offer a first line of defense against well known threats and port scanners. For the more sophisticated attacks that are directly pointed at your servers, you need to have your protection in place.
Microsoft has fixed a number of already exploited vulnerabilities in its monthly Patch Tuesday update. The most important is CVE-2024-26234, which allows malicious actors to monitor and intercept network traffic. In the April 2024 security update with 190 enhancements, Microsoft states that the ... Read more
8 days ago
The new platform is designed to visualize and investigate security incidents in cloud, email, network, endpoint, identity, and OT environments. To do this, the ActiveAI Security Platform uses an AI engine. This analyzes a company's data to learn about the organization. Based on this, the engine ... Read more
9 days ago
Purple AI, the new generative AI addition to the SentinelOne platform is going to save a lot of time for security teams and also provide them with much better insights into the weaknesses and vulnerabilities of the organizations they work for, according to the company. As of today, this new AI secu... Read more
10 days ago
The process injection vulnerability allows access to webcams, microphones and sensitive information. Thijs Alkemade, an ethical hacker from Computest Security, discovered a way to circumvent security measures within Apple's operating system. It bears some resemblance to Alkemede's discovery in t... Read more
13 days ago
Microsoft is presenting a public preview of its unified security operations platform announced in November. This platform connects SIEM and XDR from Microsoft Sentinel and Defender XDR with GenAI features from Microsoft Copilot for Security. It aims to give SOCs more agency to directly disrupt atta... Read more
14 days ago
Windows 10 will no longer receive free security updates starting Oct. 14, 2025. Microsoft therefore recommends that users switch to Windows 11 before that date. If not, safe continued usage will only be possible through the Extended Security Updates program. That comes at a high cost. Microsoft ... Read more
15 days ago
Chinese hacker group Storm-0558's attack on Microsoft in 2023 should never have happened. That is the conclusion of the U.S. Cyber Safety Review Board (CSRB). In the report, the CSRB describes a host of security flaws that made the infiltration possible. Microsoft, aside from being active in a w... Read more
15 days ago
A security leak in the Linux compression tool xz shows open-source systems' vulnerability to multi-year infiltration tactics by "trusted" contributors. In this case, the culprits added malicious code after the original creator appeared to neglect the project. A competent successor was supposedly re... Read more
15 days ago
Google closed 28 leaks during the April Android patch cycle, including one critical one. This leak makes phones with Qualcomm chipsets susceptible to remote attacks. Another high-priority vulnerability is in Android's own code, which allows malicious apps to increase their permissions without user ... Read more
16 days ago
The Python repository felt compelled to intervene after packages were uploaded that executed malicious code on devices. It was also temporarily unable to create new projects. PyPi has since returned to normal operation. However, it was not possible to register and create projects for 10 hours. G... Read more
20 days ago
