- An unsecure communication protocol proves to be a headache in today's world
- Despite its age and problems, Telnet sticks around
- The mitigation of Telnet security problems is possible with the right solution
All about Virtualization and Cloud Security | Recent Articles:
On April 20th, the results of the latest round of the annual MITRE ATT&CK® Evaluation of security solutions were released. This year, a field of 29 security solutions from leading cybersecurity companies including Bitdefender, Crowdstrike, and Microsoft were tested on their ability to detect the techniques and tactics of Carbanak and FIN7.
Since the onset of the current health crisis, many systems have found themselves strained. From remote work platforms to collaboration software, most services have been affected by the heavy traffic and the necessity to accommodate large numbers of users.
“We are our choices” (John Paul Sartre)
“When in doubt, choose change.” (Lily Leung)
- McAfee has agreed to sell its enterprise business
- Many McAfee customers may be considering alternatives
- Don’t just replace - upgrade
The global cybersecurity landscape has changed dramatically over the past year due to the COVID-19 pandemic as adversaries look to use the outlier event to their advantage.
- S. Secretary of Homeland Security details Federal Cybersecurity Strategy.
- Initial focus on ransomware, workforce, industrial control security.
- The federal government needs to take a risk-based, long-term view on cybersecurity.
- Ransomware, banking malware, unwanted applications, and Android attacks all rose significantly
- Pandemic-related incidents had a big impact
- Similar threats expected for this year, and cyber security teams need to have the right security tools in place
- Executive order under consideration would expand what companies have to disclose security breaches to the federal government.
- Such breach disclosure laws have been long found over legal concerns.
- The EO would also establish that certain software vendors maintain a software bill of materials.
- All attacks include malicious activity, but not all attacks include writing malware to disk
- Anti-exploit technology prevents attackers from gaining a foothold
- What to look for in anti-exploit technology
Attacks, exploits and vulnerabilities
Any complete cloud workload security stack must feature robust anti-exploit technology for both end-user and server systems. Cloud workloads run on servers, either on-premises or in the cloud, and end-user systems access those workloads. End-user systems can give attackers indirect access to workload data, while servers can provide more direct access if attackers achieve a foothold.