CDN providers and SaaS companies with content-sharing components (such as DropBox, WeTransfer, SharePoint,etc) are increasingly targeted by cyber criminals for malware. The ease with which users can upload and share content is obviously key, but unfortunately, it is equally appealing for malicious actors to attach malware contents.
All about Virtualization and Cloud Security | Recent Articles:
This week Bitdefender was named in a press article regarding our decision to release a free decryptor in January 2021 to help those affected by Darkside ransomware. The authors of the article assert that publicly releasing a ransomware decryptor enables malicious actors to modify their methods to evade future decryption, thus increasing the risk of successful future attacks.
In the third and last part of the blog series on Practical Cyber Resilience, I will cover the Approaches, Tactics and Techniques that an organization should use when developing options for improving cyber resilience. In the previous blog, I detailed the practical five-step Cyber Resilience Analysis Process recommended both by NIST and MITRE for enhancing cyber resilience.
We did it! Five of our talented, channel focused ladies including , , , and have been honored by CRN in the 2021 Women of the Channel list.
On May 12, 2021, U.S. President Biden signed the highly anticipated Executive Order (EO) on Improving the Nation’s Cybersecurity (and the government issued a fact sheet summary of the contents). U.S. Presidents use Executive Orders (EO) to provide guidance to federal agencies as part of enforcing laws passed by Congress and managing the executive branch of the U.S. Government. This EO is the most detailed ever issued on the topic of cybersecurity in the nation’s history. It has global implications because of the size of the U.S. Federal Government and its purchasing authority for cybersecurity solutions – estimated to be nearly $20 billion annually.
As new threats hit enterprise systems and light up enterprise security dashboards, security analysts need to make swift and accurate decisions so that they can respond in the best way possible. Yet, so many alerts come at any given time that the ability for the typical security team to focus on the alerts that matter can seem impossible.
It’s often asked, why can’t security innovate more?
It seems that every week new news breaks regarding the progress toward reaching practical quantum computing. While this is excellent news for the promised benefits quantum computing will provide, it helps society tackle the biggest problems in computing that traditional computers just can't handle. These include potential breakthroughs in artificial intelligence, the complex modeling involved in nuclear fusion, improved solar cells, cancer, and disease treatments, and financial markets modeling.
Advanced Persistent Threat (APT) groups are at the heart of today’s cyber-espionage efforts. Unlike one-off hackers, APTs distinguish themselves through novel attack techniques, cunning lateral movement across the victim’s infrastructure, swift malware deployment, efficient data exfiltration and – perhaps most importantly – stealthy operation to avoid detection by cybersecurity tools.
Ransomware continues to be the ultimate business disruptor. This week Colonial Pipeline, a private operator of the largest refined products pipeline in the United States, transporting more than 100 million gallons of fuel daily, announced they were a victim of a ransomware attack by the organization known as “Darkside.” The attack propelled Colonial to take systems offline, halting operations and threatening to cause the price of oil to rise.
Security operations are expensive! Hiring, training, and keeping a team of security analysts demands significant resources from any organization wanting to run security operations in-house. There are many studies which show the urgent need to improve security operations center (SOC) analysts’ productivity.
- The threat landscape continues to evolve in terms of complexity
- Email is still the weakest link in the security chain and neglecting email security can leave your customers’ networks vulnerable to attacks
- Many legacy solutions can’t fend off today’s modern attacks
- Investment in modern email security is essential to protect against sophisticated attacks
- Ensuring data privacy is now a worldwide concern, with many countries adopting data protection laws
- Much work still needs to be done to ensure the privacy of information
- Tools and training are keys to success