Subscribe to Email Updates

Subscribe

All about Virtualization and Cloud Security | Recent Articles:

ISPs Can and Should Protect Users Against DDoS Attacks

Sep 25 by Silviu Stahie
  • Household IoT devices face an ever-increasing risk without proper security
  • Hackers compromise IoT devices and integrate them into botnets responsible for major DDoS attacks
  • ISPs can do much more to protect their customers and infrastructure

IoT makes people's lives more comfortable, but for all the good it does, it's also a prime target for botnets and threat actors. Compromised IoT devices launch DDoS attacks against online services, companies, or even people. There's an entire industry built around the DDoS-as-a-Service principle, and the potential victims don't have many options for protection. A possible solution lies in the hands of ISPs when they choose to provide IoT security to their customers.

Read More

Most SMBs Prepare for an Attack in the Next Six Months, Survey Shows

Sep 23 by Silviu Stahie
  • SMBs are not prepared for security incidents but are looking for more protection
  • Cybersecurity investment from SMB will likely rise
  • A majority of SMBs believe that cybersecurity will be outsourced in the next five years

Small and medium businesses (SMB) know that cybersecurity is a priority, but their leaders also believe that their organization will be the target of an attack in the next six months, according to a new survey from ConnectWise.

Read More

Seven in Ten CISOs Believe Cyberwarfare Is an Imminent Threat to Their Organisations

  • Most CISOs are concerned about the threat of cyberwarfare to their organisation yet a lot of businesses don’t have a strategy in place to protect against it. In fact, new research by Bitdefender found 71% of CISOs believe cyberwarfare is a threat to their organisation.
  • Despite this, only just over a fifth (22%) admit to not having a strategy in place to mitigate this risk.
Read More

Healthcare Institutions Fall Short of National Cybersecurity Standards

Sep 22 by George V. Hulme
  • Healthcare breaches continue in high numbers
  • Vendor report details minority of healthcare providers can't meet NIST CSF criteria
  • Healthcare providers can get back on track, but it will take a strong focus on an effective remediation plan
Read More

Does Your Business Have a Well-Known URL for Changing Passwords? It Should!

Sep 21 by Graham Cluley
  • Your customers can be helped to change their weak passwords
  • All your company needs to do is make one change to its website
  • Supports new feature coming to Google Chrome next month
Read More

Zerologon: How Bitdefender Protects Customers from this No-Credential Post-Exploit Technique

  • Zerologon is a zero-credential vulnerability that exploits Windows Netlogon to allow adversaries access to the Active Directory domain controllers, first reported in August 2020 
  • “This attack has a huge impact” according to researchers, as attackers on the local network can launch this exploit to compromise the Windows domain controller with no authentication
  •  Bitdefender customers are protected from this post-exploit technique via our Network Attack Defense, Anti-Malware SDK and Indicator of Risk (IOR) technologies
Read More

IoT Devices Ship with Security Flaws Because Profit Drive the Market

Sep 18 by Silviu Stahie
  • The main driver of the IoT market is not innovation and the final product suffers
  • The IoT gold rush brings more and more unsecure devices because standards and regulations don’t really exit
  • Security for IoT devices can still be achieved, even in these conditions, and the solution is in the ISPs’ hands

The IoT ecosystem is built on a sand foundation, with its devices always in the spotlight for their lack of security, vulnerabilities and other potential problems looming on the horizon. With no solution in sight, even in the long run, the devices' security now falls into the users' or ISPs' responsibility.

Read More

COVID-19 Amplifies CISOs’ Concerns about Doing More with Less

Sep 17 by Filip Truta
  • Chief Information Security Officers are preparing for an average of 3.3 security compliance standard audits over the next six to 12 months
  • Of the CISOs working for software companies, 77% said they were preparing for SOC-2 audits
  • Security seniors are worried about their current resources facing upcoming audits and security compliance

Chief Information Security Officers (CISOs) must prepare for more than three audits on average in the next six to 12 months but struggle with inadequate tools, limited budgets and personnel, and inefficient manual processes.

Read More

Researchers Identify the Departments and Industries Most Susceptible to Email-Based Cyber-Attacks

Sep 16 by Filip Truta
  • Simulated phishing campaign reveals recipients typically open the email 50% of the time, 32% click the malicious attachment or link, and 13% submit sensitive data
  • Employees in Quality Management & Health, Purchasing / Administrative Affairs, Legal / Internal Control, Human Resources, and Research & Development have the highest rates opening and interacting with malicious emails
  • Phishing attacks are winning because they target fundamental and typical human nature, researchers say

Users that deal with extensive email exchanges daily are proportionally more prone to phishing attacks than those that don’t. Hardly a surprise. But, according to one report, researchers have been able to pinpoint the exact industries and departments most prone to falling victim to email-borne cyber threats.

Read More

Telehealth Now the Biggest Cyber-Threat to Healthcare, New Data Shows

Sep 15 by Filip Truta
  • The adoption of telehealth vendors has significantly expanded healthcare providers' attack surface
  • Researchers find a noticeable increase in leaks from primary healthcare and telehealth companies on the dark web since February 2020
  • Threat actors use strains of ransomware that are uniquely tailored to take down healthcare IT infrastructures
  • Despite new risks from telehealth vendors, the healthcare sector has improved its security posture compared to 2019

While COVID-19 has proven the healthcare industry's overall resilience, it has also increased its cybersecurity risk. A new report indicates that the rapid adoption and onboarding of telehealth vendors has led to a significantly increased digital footprint and attack surface, leaving both provider and patient data at risk.

Read More

Ransomware Was the Top Cyber Insurance Claim in Q1 2020

Sep 14 by Filip Truta
  • Ransomware retakes the lead (from business email compromise) as the top cyber insurance claim the first half of the year
  • Analysts observed a 47% increase in the severity of ransomware attacks, on top of a 100% increase from 2019 to Q1 2020
  • Ransomware (41%), funds transfer loss (27%), and business email compromise incidents (19%) were the most frequent types of loss

Data from 25,000 small-to-midsize organizations reveals ransomware as the top cyber insurance claim in the first half of 2020, with the average ransomware demand increasing 100% from 2019 through Q1 2020.

Read More

The Move to the Cloud Gains Momentum, but Security is Still a Big Concern

Sep 11 by Bob Violino
  • More organizations are moving applications and data to the cloud, driven in part by changing work environment caused by the pandemic
  • Ensuring data security is a key challenge in taking full advantage of public cloud resources

This year has seen a few dramatic trends that directly affect IT, in large part results of the global health crisis: the massive shift to a work-from-home model, a significant increase in e-commerce activity, and a big jump in the use of videoconferencing and other collaborative tools—to name a few.

Read More

Cloud Security




Subscribe to Blog Updates

Posts by Categories

Latest Tweets