Category: Security

Security is more important than ever. Cybersecurity has been a problem from the start of IT and it will be till the end. It all started with endpoint and network security, but today, we are also facing with cloudsecurity and managing employees to incorporate good security practices.

All these new technologies that help us innovate also helps cybercriminals and state sponsored hackers to get new tools they can use to get access to our systems, and in a worst case scenario, access to our most valuable data and business secrets. Also, with new legislation in place like GDPR, you need to make sure everything is secure, otherwise you just don’t lose your reputation, but you can also be fined by the government. Protecting IT-environments is more important than ever.

Endpoint Security

Your first line of defense is usually endpoint protection. The devices your employees work with need to be protected against ransomware and other malware which can bring lots and lots of trouble. This nowadays the most basic form of protection and many of the bigger vendors and suites can help you achieve this.

Network security

Network security is a bit more advanced, where you can manage which traffic goes across your network. You can also connect different networks together with e.g. SD-WAN. So, you can run protection software and share data between multiple locations. The trend we see in network protection on the datacenter side is to lock down the traffic by only allowing known, benevolent traffic sources. Regarding office networking, we see new initiatives like ZScaler coming up, where you tunnel all your staff over the network of ZScaler so they can analyse the traffic and block patterns that they marked as malicious. Especially for companies with employees that travel a lot, this is a smart solution.

Cloud security

Many thought that bringing workloads to the cloud would reduce their responsibility of doing security. It is now clear that this is not the case. Most cloud vendors practice the “shared responsibility” approach. This means that big hyperscalers can offer a first line of defense against well known threats and port scanners. For the more sophisticated attacks that are directly pointed at your servers, you need to have your protection in place.

Iranian state hackers carry out destructive attacks on Israel

Iranian state hackers carry out destructive attacks on Israel

Since the Hamas terrorist attack on Oct. 7, attacks by Iranian state hackers have been taking place aimed at undermining public support in Israel for the war. To this end, they are carrying out destructive attacks on key Israeli organizations. This is according to research data from Mandiant and... Read more

date10 days ago
Sophisticated phishing campaign hijacks Microsoft Azure accounts

Sophisticated phishing campaign hijacks Microsoft Azure accounts

An advanced phishing campaign attacked hundreds of companies' Microsoft Azure accounts. Once the hackers got the login information, the accounts were hijacked with various forms of MFA. According to Proofpoint security researchers, hundreds of Microsoft Azure accounts within companies have recen... Read more

date11 days ago
‘Quishing attacks surge and bypass email security’

‘Quishing attacks surge and bypass email security’

Email attacks using QR codes increased significantly in the last quarter of 2023. Researchers are concerned because quishing attacks are increasingly able to bypass email security solutions or spam filters. Researchers at Abnormal Security found in a study that quishing attacks involving malicio... Read more

date15 days ago
Fortinet wants users of several SSL VPNs to update

Fortinet wants users of several SSL VPNs to update

Fortinet is again warning of a critical vulnerability, this time in FortiOS SSL VPN. The vulnerability enables a remote execution code attack and is reportedly already being actively exploited. Fortinet found another vulnerability in one of its products. This time it is in FortiOS SSL VPN. The v... Read more

date15 days ago
Microsoft Bitlocker encryption cracked in seconds with Raspberry Pi

Microsoft Bitlocker encryption cracked in seconds with Raspberry Pi

Security researcher Stacksmashing managed to crack Microsoft's Bitlocker encryption in 43 seconds. To do so, he used a Raspberry Pi Pico mini-PC, which costs only $4. Stacksmashing recently embarrassed Microsoft by cracking its Bitlocker encryption within a minute. Bitlocker encryption is suppos... Read more

date16 days ago
Spyware industry develops most zero-days and governments promote it

Spyware industry develops most zero-days and governments promote it

Commercial spyware vendors appear to be the largest developers of zero-day vulnerabilities. Through these vulnerabilities, spyware such as Pegasus and Predator can be installed on devices worldwide. This was stated in a report by Google, in which the tech company is also calling for greater actions... Read more

date16 days ago
Ransomware payments reach record high: more than 1 billion euros

Ransomware payments reach record high: more than 1 billion euros

Last year, more than $1.1 billion (€1 billion) in ransom payments were made following a cyber attack. This beats the record from 2021. This is according to figures from Chainalysis. In 2021, ransomware payments amounted to $983 million, but the following year saw a significant drop. The amount... Read more

date16 days ago
Bug affects Linux systems: major risk to firmware

Bug affects Linux systems: major risk to firmware

The vulnerability allows hackers to execute code early in a device's boot. Virtually all Linux distributions are affected by this bug. Security developer Matthew Garrett warns of this. The vulnerability is in shim, a component that runs during the boot process. Shim performs tasks even before th... Read more

date17 days ago
1 2 3 4 5 267