2018 appears to be the year of regulatory compliance, threatening to hinder all IT initiatives and projects. Whether it’s The Payment Card Industry Data Security Standard (PCI DSS), the banking sector’s PSD2 (Revised Payment Service Directive), NIST for federal agencies or the EU’s boogey-man - Global Data Protection Regulation (GDPR), organizations worldwide are struggling to meet all industry-specific guidelines and recommendations to avoid substantial fines following an incident.
All about Virtualization and Cloud Security | Recent Articles:
Organizations Prioritize Regulatory Compliance Over Risk Assessment, Study Says
About a year ago, Europe’s largest electrical and telecommunications retailer was hacked, compromising 5.9 million customer cards and 1.2 million personal records. Dixons Carphone claimed it had been unaware of the breach until recently, so no information had been held back from their customers or regulatory bodies.
Bitdefender Named a Leader by Forrester Research in Q2 2018 Forrester Wave™ Evaluation of Endpoint Security Suites
We are thrilled to let you know we’ve been named a leader in this Wave evaluation. We believe this validates what our customers have been saying about our enterprise endpoint protection capabilities across a wide range of platforms.
Two of the hottest technology trends today are the rise in Internet of Things (IoT) and blockchain adoption. A recent report by the Cloud Security Alliance (CSA) brings these two areas together—in a potentially good way.
What’s the world’s most common security vulnerability?
As bad actors seek ever-more lucrative ways to enhance their Distributed Denial of Service (DDoS) attacks, analysts are noticing a sustained effort from the black hat community to amplify their firepower.
Electric car manufacturer Tesla is facing a nightmare insider attack scenario for which too many companies today fail to prepare. Tesla CEO Elon Musk admitted this week that an employee managed to intentionally wreak havoc with the software code that underpins the company's manufacturing system. The fallout has resulted in "quite extensive and damaging sabotage to our operations," according to Musk in a company-wide email that was leaked to CNBC two days ago.
Employers Should Reward Staffers Who Dodge Online Scams, Thwart Ransomware, Study Shows
Employees are a company’s first line of defense against an impending breach. All it takes is one negligent staffer with bad password hygiene, or an unwary employee falling for a phishing scam, for hackers to gain a foothold in an organization’s infrastructure.
Dixons Carphone, the major electrical and telecommunications retailer in Europe, has just confirmed a data breach attempt that occurred almost a year ago in the UK. According to the company’s press release, the security incident affected 5.9 million customer cards and 1.2 million personal records, involving names, addresses and emails, were compromised.
Chances that ransomware will go away any time soon are slim, so security experts can’t emphasize enough the importance for enterprises to seriously invest in cybersecurity and focus on developing risk mitigation strategies to avoid being caught off-guard. For some reason, the number of businesses ready to pay ransom to get their data back is increasing, opening up endless opportunities for hackers working on complex malicious software to further compromise corporate networks.
Software defined Networking is here, and there’s plenty of talk about what this means for security. As Ericka Chickowski wrote in Security Must Adjust as SDN Goes Mainstream we know one thing: security will need to continue to adjust to compensate.
Reuters reported last week week that the ransomware attack suffered by the city of Atlanta in March was proving costlier than initially thought. City officials told the news agency that the strike continued to disrupt Atlanta’s “mission critical” applications even after its discovery, as the pestilence had not been fully contained.
The French National Commission on Informatics and Liberty (Commission Nationale de l'informatique et des libertés or CNIL) has issued a record fine to an optical center after the company failed to secure the personal (and in some cases highly sensitive) data of its customers.
In late April, a Windows zero-day attack was discovered in the wild that affected all supported versions of Windows. Microsoft released a patch on May 8th to address the issue. This zero-day, dubbed Double Kill, exploits a VB script vulnerability, and potentially affects any system from Windows 7 onwards, including servers.
That’s the conclusion of at least one cybersecurity services provider. According to Risk Based Security, following year over year increases in the number of publicly reported data breaches, the first three months of 2018 saw a respectable decline. But while the numbers look good, they may reflect a change in criminal targeting and goals and less an indication that cyber-criminals are waving white flags.
CISOs Have an Opportunity to Shine as Regulations Enforce Change, Gartner Says
Once a paltry segment of enterprise IT, security has become a crucial factor in the success of an organization. This paradigm shift, driven by growing legions of bad actors and new regulations, have cast the spotlight on IT security leaders like never before. This, Gartner analysts calculate, creates an unprecedented opportunity for CIOs and CISOs to prove their value and – why not? – forge new career paths.
Emergence of the Internet of Things and Other Issues are Raising Concerns about the Security of Wi-Fi Networks
Private and public Wi-Fi networks have become critical parts of the technology infrastructure of many organizations, particularly with the rise of mobile device users in the workplace. Many people rely on these networks to access the Internet, leverage corporate applications and data, and collaborate with their colleagues—among other uses.
Is It Cheaper to Pay for Cybersecurity Now, or to Pay Ransom to Criminals Later?
Breaching enterprise systems and holding their data hostage is a growing threat to organizations everywhere. Governments are fighting back by putting the onus on custodians to protect their data or face hefty fines. Even so, bad actors show no signs of backing off.
Last week the team behind Git, a platform that powers millions of the world's developer code repositories--including those on the wildly popular GitHub hosted service--released a crucial security update meant to keep developer environments safe. The patch was made to fix a flaw in how Git handles submodule repository configuration during cloning. It's a dangerous hole that could give attackers the power to create malicious Git repositories and leverage them to run arbitrary code execution on target developer machines.
Adding Enhanced Shields to Strengthen the Last Front: Encryption and Patch Management
(Article also available in German, French, Spanish, Italian, and Romanian.)
In an increasingly hostile landscape where large cyberattacks make headlines virtually every month, companies have started shifting their security defense paradigm toward gaining more visibility into the way attacks occur, and how they become targets.
Companies provide detailed reports on previous and identified cyberattacks to their managers or board of directors every eight months on average, according to a recent survey of 1,050 chief information security officers in the US and Europe.
What’s a leading indicator that an organization may invest in biometric authentication? It turns out that it’s a data breach.
Cloud Security
Subscribe to Blog Updates
Posts by Categories
- Advanced Persistent Threats (7)
- CISO (20)
- Cloud Security (122)
- Cybersecurity Awareness (28)
- Endpoint Detection and Response (6)
- Endpoint Protection & Management (25)
- Enterprise Security (428)
- Events (4)
- Financial Services (16)
- Healthcare (22)
- IoT Security (24)
- IT Compliance & Regulations (53)
- Machine Learning (9)
- Managed Detection and Response (8)
- Managed Service Providers (19)
- Network Protection (11)
- Privacy and Data Protection (105)
- Ransomware (12)
- Remote Work (5)
- SMB Security (44)
- Telecommunications (2)
- Threat Research (94)
- Virtualization & Data Center Security (81)
Latest Tweets
Tweets by @Bitdefender_EntPosts by Month
- February 2021 (9)
- January 2021 (12)
- December 2020 (31)
- November 2020 (33)
- October 2020 (39)
- September 2020 (26)
- August 2020 (29)
- July 2020 (34)
- June 2020 (40)
- May 2020 (33)
- April 2020 (31)
- March 2020 (28)
- February 2020 (23)
- January 2020 (26)
- December 2019 (28)
- November 2019 (24)
- October 2019 (28)
- September 2019 (19)
- August 2019 (17)
- July 2019 (23)
- June 2019 (15)
- May 2019 (17)
- April 2019 (20)
- March 2019 (19)
- February 2019 (20)
- January 2019 (19)
- December 2018 (19)
- November 2018 (23)
- October 2018 (22)
- September 2018 (22)
- August 2018 (23)
- July 2018 (24)
- June 2018 (22)
- May 2018 (28)
- April 2018 (23)
- March 2018 (22)
- February 2018 (19)
- January 2018 (19)
- December 2017 (13)
- November 2017 (17)
- October 2017 (19)
- September 2017 (18)
- August 2017 (16)
- July 2017 (17)
- June 2017 (16)
- May 2017 (17)
- April 2017 (15)
- March 2017 (16)
- February 2017 (13)
- January 2017 (14)
- December 2016 (11)
- November 2016 (14)
- October 2016 (11)
- September 2016 (10)
- August 2016 (15)
- July 2016 (12)
- June 2016 (15)
- May 2016 (10)
- April 2016 (13)
- March 2016 (15)
- February 2016 (14)
- January 2016 (6)
- December 2015 (6)
- November 2015 (9)
- October 2015 (8)
- September 2015 (11)
- August 2015 (8)
- July 2015 (10)
- June 2015 (3)
- May 2015 (8)
- April 2015 (6)
- March 2015 (5)
- February 2015 (7)
- January 2015 (8)
- December 2014 (8)
- November 2014 (9)
- October 2014 (8)
- September 2014 (9)
- August 2014 (9)
- July 2014 (8)
- June 2014 (8)
- May 2014 (6)
- April 2014 (8)
- March 2014 (5)