Security is more important than ever. Cybersecurity has been a problem from the start of IT and it will be till the end. It all started with endpoint and network security, but today, we are also facing with cloudsecurity and managing employees to incorporate good security practices.
All these new technologies that help us innovate also helps cybercriminals and state sponsored hackers to get new tools they can use to get access to our systems, and in a worst case scenario, access to our most valuable data and business secrets. Also, with new legislation in place like GDPR, you need to make sure everything is secure, otherwise you just don’t lose your reputation, but you can also be fined by the government. Protecting IT-environments is more important than ever.
Your first line of defense is usually endpoint protection. The devices your employees work with need to be protected against ransomware and other malware which can bring lots and lots of trouble. This nowadays the most basic form of protection and many of the bigger vendors and suites can help you achieve this.
Network security is a bit more advanced, where you can manage which traffic goes across your network. You can also connect different networks together with e.g. SD-WAN. So, you can run protection software and share data between multiple locations. The trend we see in network protection on the datacenter side is to lock down the traffic by only allowing known, benevolent traffic sources. Regarding office networking, we see new initiatives like ZScaler coming up, where you tunnel all your staff over the network of ZScaler so they can analyse the traffic and block patterns that they marked as malicious. Especially for companies with employees that travel a lot, this is a smart solution.
Many thought that bringing workloads to the cloud would reduce their responsibility of doing security. It is now clear that this is not the case. Most cloud vendors practice the “shared responsibility” approach. This means that big hyperscalers can offer a first line of defense against well known threats and port scanners. For the more sophisticated attacks that are directly pointed at your servers, you need to have your protection in place.
Companies and developers are becoming increasingly concerned about API security. Research by Noname Security shows that API usage doubled in the last few months. On average, the surveyed companies used 15,564 different APIs. Concerns about security The explosive growth leads to concerns ... Read more
2 years ago
On Tuesday, Lenovo announced security patches for more than 100 laptop models to address significant vulnerabilities that allow sophisticated hackers to install malicious software that is nearly hard to delete or detect in some circumstances. Hackers may be able to change a computer's ... Read more
2 years ago
Zscaler observed nearly 880 million phishing attacks in 2021. The number of attempts rose by 29 percent worldwide. Zscaler develops a security platform for business networks and endpoints. The platform monitors more than 40 billion data transactions per day. Suspicious traffic is intercepted an... Read more
2 years ago
A report by CloudSEK describes how cybercriminals spread a new infostealer through Google Search. Fake web pages are regularly used to spread malware. Until recently, the Google search results for 'Windows 11 upgrade' contained a fake Microsoft website with a fraudulent download link for Windows... Read more
2 years ago
A cyberattack on Vives has downed all systems. The Belgian college expects to reopen on Wednesday. Vives, a college in West Flanders, was hit by a cyberattack on the 15th of April. Employees discovered that hackers tried to steal data such as management passwords. In an attempt to prevent attack... Read more
2 years ago
Fortinet recently introduced a new service that allows companies to create security awareness among employees. With this, companies reduce the odds of their employees falling victim to social engineering and other forms of fraud. According to Fortinet, 73 percent of companies dealt with at leas... Read more
2 years ago
The spyware can turn a phone into a listening device. Research group Citizen Lab has found that spyware made by NSO Group Ltd. was used to target a device connected to the network of 10 Downing Street, the office and residence of Britain’s prime minister. Israel-based NSO Group is the devel... Read more
2 years ago
Kyndryl and Dell Technologies launch Cyber Incident Recovery. Kyndryl uses Dell's high-performance hardware to implement waterproof backup and recovery systems for customers. The two have been working together for some time. Kyndryl split off from IBM in 2021 and consists of its former IT infras... Read more
2 years ago
Google published an emergency patch for a critical zero-day vulnerability in Chrome Windows, Mac and Linux. Google confirmed the existence of a type confusion vulnerability in Google Chrome. Type confusion vulnerabilities work as follows. First, an application allocates an object in a certain ca... Read more
2 years ago
A vulnerability in the Elementor plugin for WordPress affects millions of websites. The vulnerability exists in Elementor 3.6.0, which was released on 22 March. Researchers found that the vulnerability stems from a lack of access checks in one of the plugin's files. The check is supposed to run... Read more
2 years ago
