Subscribe to Email Updates

Subscribe

All about Virtualization and Cloud Security | Recent Articles:

Advisory on Kaseya VSA Ransomware Attack

Update: July 13, 2021 -- Kaseya issued a critical security update for VSA users that is available on their site - Kaseya Critical Security Update. We recommend users follow Kaseya's recommended updates as soon as possible. 

- - - - - - - - - - - - - - -

We continue to monitor and analyze the attack using Kaseya Software to deploy a variant of REvil ransomware into a victim’s environment. The attack targeted Kaseya’s managed service provider (MSP) customers, which often provide IT support to small- to medium-size businesses. By targeting MSPsattackers also seek to access and infiltrate the MSP’s customers computer networks.  

Read More

MDR Creates New Revenue Opportunities for Managed Services Providers

Jul 16 by Michael Rosen
  • Managed Detection and Response is one of the fastest growing areas of cybersecurity with a 30.4% CAGR
  • Huge revenue opportunity with MDR for MSPs to help customers that lack security extended teams
  • Opportunities involving MDR tend to be larger, stickier, and foster deeper customer relationships than tools
  • MDR solves key customer gaps in alert response management, technical skills, and overall security outcomes

MSPs, are you thinking about jumping into managed security services?

Read More

Bitdefender and Datto Integration

Dec 09 by Cristian Iordache

A superior MSP technology stack can offer differentiation and the ability to deliver a better service with lean operational costs. However, MSPs have always faced a challenge: choose top solutions in each category or choose solutions that work well together.

Read More

[INFOGRAPHIC] How Advanced Attacks are Transforming MSP Endpoint Security

Sep 17 by Cristian Iordache

Most analysts predict managed cyber-security will grow at a CAGR of over 15% in coming years. This trend is no surprise, considering the global shortage of security talent and the increasing sophistication of attacks on data and business productivity.

Read More

How AV and Endpoint Security Are Failing MSPs in Defending against Attacks

Mar 20 by Cristian Iordache

Recent attacks on MSPs have confirmed once again that both managed service providers and customers are increasingly targeted by cybercriminals, and the attacks often succeed.

Read More

In Demand: Managed Security Services

Mar 23 by Shaun Donaldson

This is a good time to be a managed security services provider—if you believe industry reports about the robust growth of the market. Even if you don’t believe the research, there is plenty of evidence that many organizations are looking for expert help when it comes to strengthening their security posture against a host of potential threats. And service providers can provide that needed assistance.

Read More

Reboot the cloud? Yes, it has happened, and here’s why.

May 13 by Shaun Donaldson

While rare, every now and then, major cloud providers such as Amazon must ponder interrupting service to reboot parts of their environments. It is a curious thing, and leads to asking, “Why?”

Read More

3 Cloud Security Truths For CISOs

May 07 by Ericka Chickowski

As cloud initiatives shift from cost savings efforts to strategic transformations of IT and the business, CISOs are finding that in many ways they need to completely reimagine their security controls to keep up.

Read More

Why Aurora is more than a sunrise

Nov 25 by Shaun Donaldson

A short while ago, Amazon announced a new offering called Aurora. In a nutshell, Aurora is a MySQL database engine wrapped as a service. It’s relatively cheap, and Amazon handles the nitty-gritty of the thing.

It begs the question, why does it matter? As Amazon declares, it’s the fifth SQL database engine that they have made available. So, why the big deal? It is a big deal because it says quite a bit about how Amazon operates.

First, let’s have a look at the product page:

 

Amazon Aurora provides up to five times better performance than MySQL at a price point one tenth that of a commercial database while delivering similar performance and availability.”

 

Read More

Identity and Access Management as a Service (IDaaS) – mastering the fine art of juggling

Aug 22 by Denisa Dragomir

In my previous post I raised a flag around the importance of identity and access management (IAM), and how this should be embedded in your overall security planning.

What does identity and access governance stand for?

According to Gartner, it represents "a combination of administration and account provisioning, authentication and authorization, and reporting functions" which is either served from the cloud (IDaaS) as a utility, or implemented internally in a more silo’d approach.

Companies may choose to run a combination of the two in their hybrid environment, where they bring up a secondary IAM system to handle their hosted apps, while continuing to rely on standard IAM for internal applications.

Read More

Who is Getting Cloudy?

Aug 13 by Shaun Donaldson

There are many questions about cloud; what is it, where is it, and who’s using it?

The answer to the last one is: “most everyone”. Analysts are a bit short on data because they too are still trying to figure-out this cloud stuff. The straightforward answer is that you are likely already using it.

Does your organization use a service provider for software-as-a-service, platform-as-a-service, or infrastructure-as-a-service? If your first answer is an absolute, “No”, you’re probably wrong.

If you’re a start-up, you’re likely using a Google or Microsoft service, perhaps a hosted customer relationship management system (Salesforce.com, for example), and myriad other cloud-based services.

Read More

Distributed Denial of Service in the Cloud or the ‘New Black’ of cyber-criminals

Aug 05 by Denisa Dragomir

Distributed Denial of Service (DDoS) attacks have started to grow in intensity and sophistication as more companies rely on web-based applications for their daily business operations. In the past few months, such attacks have become the weapon-of-choice for cyber criminals in every corner of the world because they hardly ever miss their target(s). Taking the analogy further, I would say that these insidious attacks are as precise and merciless as a DSR-50 riffle is for a trained sniper.

What makes DDoS attacks a bad dream for even the most experienced of IT admins is their distributed nature, as the very name suggests. This means that not only one, but a multitude of compromised systems (also known as botnets or bots) seize the target host with simultaneous requests through a breach in the system, which thereby becomes saturated and unavailable to user access.

Read More

Cloud Security




Subscribe to Blog Updates

Latest Tweets

Posts by Month