Security is more important than ever. Cybersecurity has been a problem from the start of IT and it will be till the end. It all started with endpoint and network security, but today, we are also facing with cloudsecurity and managing employees to incorporate good security practices.
All these new technologies that help us innovate also helps cybercriminals and state sponsored hackers to get new tools they can use to get access to our systems, and in a worst case scenario, access to our most valuable data and business secrets. Also, with new legislation in place like GDPR, you need to make sure everything is secure, otherwise you just don’t lose your reputation, but you can also be fined by the government. Protecting IT-environments is more important than ever.
Your first line of defense is usually endpoint protection. The devices your employees work with need to be protected against ransomware and other malware which can bring lots and lots of trouble. This nowadays the most basic form of protection and many of the bigger vendors and suites can help you achieve this.
Network security is a bit more advanced, where you can manage which traffic goes across your network. You can also connect different networks together with e.g. SD-WAN. So, you can run protection software and share data between multiple locations. The trend we see in network protection on the datacenter side is to lock down the traffic by only allowing known, benevolent traffic sources. Regarding office networking, we see new initiatives like ZScaler coming up, where you tunnel all your staff over the network of ZScaler so they can analyse the traffic and block patterns that they marked as malicious. Especially for companies with employees that travel a lot, this is a smart solution.
Many thought that bringing workloads to the cloud would reduce their responsibility of doing security. It is now clear that this is not the case. Most cloud vendors practice the “shared responsibility” approach. This means that big hyperscalers can offer a first line of defense against well known threats and port scanners. For the more sophisticated attacks that are directly pointed at your servers, you need to have your protection in place.
SentinelLabs claims responsibility for finding a severe vulnerability in multiple cloud services, including popular services from AWS. As the threats have since been patched, the researcher goes public with a technical report. SentinelLabs is an extension of SentinelOne. Year-round, the organiza... Read more
2 years ago
Barracuda Networks has updated its portfolio of email protection subscriptions. Available in three categories, the subscriptions focus on providing detection and remediation for Office 365 users. With the new subscriptions, Barracuda Networks says Office 365 users will have more options for dete... Read more
2 years ago
Nobelium, the hack group held responsible for the infamous SolarWinds attack, still has a large arsenal of advanced hacking capabilities at its disposal. This is the conclusion of Mandiant security specialists in a recent study. The full potential of the alleged state-sponsored collective has not y... Read more
2 years ago
The market for initial access is growing at an alarming rate. A side effect of the ransomware explosion of the past year, Group-IB concludes based on a new study. The initial access market entails trade in ready-to-use vulnerabilities for access to corporate environments. Group-IB research shows... Read more
2 years ago
The U.S. Department of Justice has indicted an employee of Ubiquiti for the ransomware attack the company faced this year. Earlier this year, WiFi and network specialist Ubiquiti was hit by a hacking attack. The suspected hackers gained access to all Ubiquiti's AWS accounts, including S3 data bu... Read more
2 years ago
Dell Technologies makes its Dell EMC PowerProtect Cyber Recovery anti-ransomware service available via AWS. Thereby, AWS customers gain access to an 'air-gapped' cyber vault in which they can protect their most critical data from ransomware. By making the Dell EMC PowerProtect Cyber Recovery ser... Read more
2 years ago
VMware’s Carbon Black analysts assist security teams in identifying threats and respond to them promptly. This feature is a courtesy of the new Managed Detection and Response solution. VMware is introducing an increase in the endpoint security business to accommodate cloud-based managed detect... Read more
2 years ago
MonoX Finance, a blockchain startup, announced on Wednesday that a hacker siphoned off $31 million in digital coin by exploiting a bug present in the software the startup uses to draft smart contracts. The company leverages a decentralized finance protocol called MonoX that allows users to trade di... Read more
2 years ago
Hackers gained undiscovered access to a server of the Japanese tech group Panasonic for a significant amount of time. This was discovered by the Japanese public broadcaster NHK. Specifically, the event involved an attack by hackers on a server in which a lot of confidential information was stored. ... Read more
2 years ago
Researchers say they've found a batch of apps on the Google Play Store downloaded more than 300,000 times before they were shown to have trojans that siphoned passwords, 2FA (two-factor authentication) codes, took screenshots, and logged keystrokes. The apps pose as PDF scanners, cryptocurrency ... Read more
2 years ago
