Security is more important than ever. Cybersecurity has been a problem from the start of IT and it will be till the end. It all started with endpoint and network security, but today, we are also facing with cloudsecurity and managing employees to incorporate good security practices.
All these new technologies that help us innovate also helps cybercriminals and state sponsored hackers to get new tools they can use to get access to our systems, and in a worst case scenario, access to our most valuable data and business secrets. Also, with new legislation in place like GDPR, you need to make sure everything is secure, otherwise you just don’t lose your reputation, but you can also be fined by the government. Protecting IT-environments is more important than ever.
Your first line of defense is usually endpoint protection. The devices your employees work with need to be protected against ransomware and other malware which can bring lots and lots of trouble. This nowadays the most basic form of protection and many of the bigger vendors and suites can help you achieve this.
Network security is a bit more advanced, where you can manage which traffic goes across your network. You can also connect different networks together with e.g. SD-WAN. So, you can run protection software and share data between multiple locations. The trend we see in network protection on the datacenter side is to lock down the traffic by only allowing known, benevolent traffic sources. Regarding office networking, we see new initiatives like ZScaler coming up, where you tunnel all your staff over the network of ZScaler so they can analyse the traffic and block patterns that they marked as malicious. Especially for companies with employees that travel a lot, this is a smart solution.
Many thought that bringing workloads to the cloud would reduce their responsibility of doing security. It is now clear that this is not the case. Most cloud vendors practice the “shared responsibility” approach. This means that big hyperscalers can offer a first line of defense against well known threats and port scanners. For the more sophisticated attacks that are directly pointed at your servers, you need to have your protection in place.
Security researchers at the Vrije Universiteit Amsterdam (VUSec) found a vulnerability in most Intel CPUs. The team managed to leak kernel memory in modern Intel CPUs as unprivileged users. Intel and Arm have been taking hardware measures to counter Spectre attacks since 2018. Spectre-v2, the se... Read more
2 years ago
UPS flaws allow for remote code execution and remote fire-based interruptions Security researchers at Armis have detailed a trio of vulnerabilities in so-called Smart-UPS devices sold by Schneider Electric subsidiary APC. These flaws allow for unnoticeable remote code execution, replacing of fir... Read more
2 years ago
Microsoft patched an important vulnerability in Microsoft Exchange Server during Patch Tuesday. In addition, 70 other issues were addressed. CVE-2022-23277 allowed cybercriminals to remotely activate malicious code via a network call to a server account. Ultimately, lateral moves allowed hackers... Read more
2 years ago
CyberRes introduces the Galaxy Threat Acceleration Program (GTAP+) for its CyberRes Galaxy security platform. GTAP+ provides end users of ArcSight Enterprise Security Manager with the latest threat intelligence. Moreover, the service informs on context to help customers better understand threats... Read more
2 years ago
Cloudflare, CrowdStrike and Ping Identity established the joint Critical Infrastructure Defense Project to protect companies in strategic US industries free of charge. According to Cloudflare, CrowdStrike and Ping Identity, it's imperative for vendors to defend vulnerable industry sectors agains... Read more
2 years ago
Researchers from CM4all discovered that the Linux kernel was hit by Dirty Pipe, a vulnerability that allows hackers to inject malicious code into root processes. According to CM4all researchers, the vulnerability allows hackers to overwrite data with malicious code in read-only files. Injecting ... Read more
2 years ago
Google and Microsoft are said to have set their sights on Mandiant. The tech giants hope to realize the acquisition to boost their cybersecurity portfolio. A source from The Information claims that both Google and Microsoft have shown interest in Mandiant due to a great demand for its security s... Read more
2 years ago
A vulnerability in Azure Automation put the data of entire Azure environments at risk. Today, Microsoft announced that the problem has been patched behind closed doors. Microsoft Azure Automation is used for process automation and update management. The service allows customers to schedule vario... Read more
2 years ago
Friss, a fraud detection specialist, is acquiring Polonious. Friss develops fraud detection and prevention software. Insurers use the technology to calculate risks and prevent fraud. Today, Friss announced the acquisition of Polonious. Polonious develops fraud investigation and case management s... Read more
2 years ago
A data breach at Nvidia allows cybercriminals to disguise malware with trusted code signing certificates. Since last week, ransomware group Lapsus$ claims to possess over 1TB of private Nvidia data. Although Nvidia acknowledges that data was stolen, the organization "expected no impact on custom... Read more
2 years ago
