Security is more important than ever. Cybersecurity has been a problem from the start of IT and it will be till the end. It all started with endpoint and network security, but today, we are also facing with cloudsecurity and managing employees to incorporate good security practices.
All these new technologies that help us innovate also helps cybercriminals and state sponsored hackers to get new tools they can use to get access to our systems, and in a worst case scenario, access to our most valuable data and business secrets. Also, with new legislation in place like GDPR, you need to make sure everything is secure, otherwise you just don’t lose your reputation, but you can also be fined by the government. Protecting IT-environments is more important than ever.
Your first line of defense is usually endpoint protection. The devices your employees work with need to be protected against ransomware and other malware which can bring lots and lots of trouble. This nowadays the most basic form of protection and many of the bigger vendors and suites can help you achieve this.
Network security is a bit more advanced, where you can manage which traffic goes across your network. You can also connect different networks together with e.g. SD-WAN. So, you can run protection software and share data between multiple locations. The trend we see in network protection on the datacenter side is to lock down the traffic by only allowing known, benevolent traffic sources. Regarding office networking, we see new initiatives like ZScaler coming up, where you tunnel all your staff over the network of ZScaler so they can analyse the traffic and block patterns that they marked as malicious. Especially for companies with employees that travel a lot, this is a smart solution.
Many thought that bringing workloads to the cloud would reduce their responsibility of doing security. It is now clear that this is not the case. Most cloud vendors practice the “shared responsibility” approach. This means that big hyperscalers can offer a first line of defense against well known threats and port scanners. For the more sophisticated attacks that are directly pointed at your servers, you need to have your protection in place.
According to the security watchdogs of the United Kingdom, Canada and Australia, unknown state hackers have been behind attacks on Cisco firewalls since November 2023. Through these breaches, the attackers have deployed malware for espionage purposes. Cisco has now confirmed these infiltrations.... Read more
8 hours ago
The so-called Cactus ransomware group strikes worldwide. However, a Dutch-based collective has this criminal enterprise in sight. 'Project Melissa,' a coalition between Fox-IT, Northwave, Responders and several state agencies, among others, has mapped the indicators of compromise (IOCs) to prevent ... Read more
10 hours ago
One in three applications contains a major or critical vulnerability. Outdated software, failure to install updates and lack of multifactor authentication are the biggest culprits. These are the most important findings in a study by Dutch security company Computest about the state of application... Read more
12 hours ago
With Coveware, Veeam gains new incident response options. Coveware's technology and staff deal with ransomware assessment and negotiation to end downtime as quickly as possible. Coveware is used mainly by cyber extortion victims, but the service can also help enterprises prepare for incident res... Read more
1 day ago
Cybercriminals are spreading malware-linked URLs of ostensibly Microsoft repositories through the comments of GitHub projects. The method of malware distribution is very dangerous and persistent. According to research, cybercriminals are actively trying to spread malware through URLs posted in t... Read more
2 days ago
What does a bug bounty program look like, and what does it deliver? We talk to Visma about its usefulness for security professionals and the ultimate benefit for the user of the software. "With the bug bounty program, we have extra eyes looking at our products," explains Chief Information Securi... Read more
2 days ago
The year-over-year growth is primarily attributed to the use of generative AI for voice phishing (vishing) and deepfake phishing. That's what data from Zscaler shows. The company analyzed 2 billion blocked phishing transactions on its Zero Trust Exchange platform. Cybercriminals appear to use ge... Read more
3 days ago
In cooperation with Toshiba, Single Quantum has made the technology suitable for more than 300 kilometres of fibre-optic connections. In Quantum Key Distribution (QKD), high-performance and quantum computers generate keys that are resistant to decryption. Toshiba's QKD technology is delivered ov... Read more
3 days ago
WordPress websites using the Forminator plugin for web forms are extremely vulnerable to uploading and executing malicious files. Japan's Computer Emergency Response Team Coordination Center (JPCERT/CC) is sounding the alarm about this. JPCERT/CC has issued an alert for the critical vulnerabilit... Read more
3 days ago
Attacks on Windows Defender and Kaspersky EDR allow remote file deletion. Even after patches, hackers can still exploit these tools' vulnerabilities. In a presentation at Black Hat Asia, security firm SafeBreach revealed that Windows Defender and Kaspersky EDR are vulnerable to remote-access att... Read more
3 days ago
