Security is more important than ever. Cybersecurity has been a problem from the start of IT and it will be till the end. It all started with endpoint and network security, but today, we are also facing with cloudsecurity and managing employees to incorporate good security practices.
All these new technologies that help us innovate also helps cybercriminals and state sponsored hackers to get new tools they can use to get access to our systems, and in a worst case scenario, access to our most valuable data and business secrets. Also, with new legislation in place like GDPR, you need to make sure everything is secure, otherwise you just don’t lose your reputation, but you can also be fined by the government. Protecting IT-environments is more important than ever.
Your first line of defense is usually endpoint protection. The devices your employees work with need to be protected against ransomware and other malware which can bring lots and lots of trouble. This nowadays the most basic form of protection and many of the bigger vendors and suites can help you achieve this.
Network security is a bit more advanced, where you can manage which traffic goes across your network. You can also connect different networks together with e.g. SD-WAN. So, you can run protection software and share data between multiple locations. The trend we see in network protection on the datacenter side is to lock down the traffic by only allowing known, benevolent traffic sources. Regarding office networking, we see new initiatives like ZScaler coming up, where you tunnel all your staff over the network of ZScaler so they can analyse the traffic and block patterns that they marked as malicious. Especially for companies with employees that travel a lot, this is a smart solution.
Many thought that bringing workloads to the cloud would reduce their responsibility of doing security. It is now clear that this is not the case. Most cloud vendors practice the “shared responsibility” approach. This means that big hyperscalers can offer a first line of defense against well known threats and port scanners. For the more sophisticated attacks that are directly pointed at your servers, you need to have your protection in place.
Palo Alto Networks expands Prisma SASE with new features for cyberattack detection and outage troubleshooting. Palo Alto Networks is one of the world's largest security software vendors. The organization generated more than €4 billion in revenue in 2021. Prisma SASE is key to the offering. ... Read more
2 years ago
Google introduced a new bug bounty program to pay researchers who find security flaws in its open-source software and the building blocks it uses. As reported by The Verge, Google says it will pay anywhere from $101 to $31,337 for information about bugs in its dev projects like Angular, GoLang, ... Read more
2 years ago
Greece's government wants the European Commission to stay out of a national wiretapping scandal, but several members of the European Parliament (MEPs) oppose the request. Greece's spying outrage escalated intensely on the 5th of August. It all started when two senior officials belonging to Prim... Read more
2 years ago
Researchers at McAfee revealed a rare malware application in five Chrome extensions with 1.4 million downloads. Scammers spread the extensions to dupe e-commerce websites. The method is uncommon. The malicious extensions lie in wait for the moment an infected user navigates to an e-commerce webs... Read more
2 years ago
Researchers found malicious plugins on nearly 25,000 WordPress websites. Researchers at the Georgia Institute of Technology discovered 47,337 malicious plugins on 24,931 unique WordPress websites. Each website used two or more infected plugins. 94 percent were actively engaged in malicious acti... Read more
2 years ago
The attack forced the agency to shut down its IT systems for some time. Italy’s energy agency, Gestore dei Servizi Energetici (GSE), suffered a malware attack on Sunday night and Monday morning, according to a report in Bloomberg. GSE is responsible for the country's energy security. Accordin... Read more
2 years ago
Atlassian issued a security alert for its Bitbucket Server and Datacenter solution. A vulnerability allows hackers to execute arbitrary code on affected instances. Bitbucket is a Git-based code tool for hosting, management and collaboration. The tool integrates with Atlassian's Jira and Trello s... Read more
2 years ago
Developers and maintainers of PyPI are under attack by digital scammers through email phishing. Several PyPI developers and maintainers have fallen for phishing scams conducted by digital scammers. The malicious campaign was disclosed by Adam Johnson, a project board member at Django, who receiv... Read more
2 years ago
Mitiga finds the Microsoft 365 accounts of business executives under attack by malicious attackers who use a combined strategy of spear phishing and man-in-the-middle methods. Cybersecurity firm Mitiga disclosed that a dubious Business Email Compromise (BEC) campaign is continuously targeting Mi... Read more
2 years ago
RedPacket Security claims that telecom giant Altice fell victim to a cyberattack by ransomware group Hive. RedPacket Security uses web crawlers to collect threat information on the dark web. According to the company, telecom giant Altice fell victim to a ransomware attack on August 9. The attac... Read more
2 years ago
