Subscribe to Email Updates

Subscribe

All about Virtualization and Cloud Security | Recent Articles:

2021 Gartner® Market Guide for Cloud Workload Protection Platforms | Bitdefender’s key takeaways from the report

Protection requirements for cloud workloads continue to grow as organizations accelerate their adoption of containers and host an ever-increasing number of workloads in hybrid and multi-cloud architectures. Cloud Workload Protection Platforms (CWPP) are critical to protect these workloads from cyberattack and provide security teams with visibility into, and control of, cloud-based infrastructure and applications.

Read More

New U.S. Government Website Provides Ransomware Resources for Organizations

Aug 03 by Bob Violino

The potential dangers of ransomware are top of mind for cyber security and IT leaders around the world. The threat of these attacks continues to rise with no organization completely safe. Ransomware attacks have been reported by businesses of all sizes and vertical industries.

Read More

Deep dive into a FIN8 attack – A forensic investigation

Jul 27 by Martin Zugec

During a recent investigation, our researchers encountered a new version of the BADHATCH malware used by the well-known threat actor, FIN8. We previously reported that FIN8 was working on a new version of the BADHATCH malware - and this recent attack supports our findings and conclusions. FIN8 is known for taking extended breaks to improve their tactics, techniques, and procedures (TTPs) which increases their success rate. With each new version of their toolkit, they start with small tests on a limited pool of victims before launching a full-scale attack.

Read More

The Growing Importance of Cloud Workload Security

Jul 22 by Bob Violino
  • A growing number of organizations are increasing their use of the cloud.

  • These workloads, including databases, transactions, and analytics, are vital to business operations.

  • Cloud workloads are different from regular endpoints which is why security teams need to deploy platforms specifically designed to protect these resources.

Read More

Technical Advisory: SeriousSAM – Windows 10 Flaw Can Be Used by Malicious Actors to Obtain Administrator Rights

Jul 21 by Martin Zugec

Newer versions of Windows 10 (build 1809 - 2018-present) may be vulnerable to a local privilege escalation enabled by misconfiguration on the Security Account Manager (SAM) database file. SAM is a database file that stores password hashes for all local user accounts. (This file can be found in folder %SystemRoot%\System32\Config\SAM and it is mounted in registry under HLKM\SAM.)

Read More

Debunking The BlueKeep Exploit Hype – What You Should Know

Nov 07 by Andra Cazacu

WannaCry is still fresh in our memory, reminding organizations of how distractive an unpatched vulnerability can be especially if weaponized as a wormable threat that delivers ransomware. BlueKeep has been estimated to have the same disruptive potential as EternalBlue (the exploit responsible for WannaCry) if sporting worm-like behavior, especially since RDP is a commonly used service in organizations, allowing IT and security teams to remotely dial into machines.

Read More

Researchers Uncover Threat Actor Supergroup Linked to Stuxnet, Flame, Duqu

Apr 23 by Luana Pascu

Could critical infrastructure attacks be making a comeback? Or did these invisible threats never leave in the first place? Extensive research reveals that as many as four threat actors many have been involved in creating Stuxnet, the sophisticated computer worm that demolished Iran’s nuclear infrastructure in 2007. In light of recent discoveries about similarities in malware samples, cyberespionage appears to be a growing threat that can hide for years before its discovered.

Read More

Cybersecurity – A Top Risk Management Priority for Senior Execs, But Only On Paper

Feb 21 by Filip Truta

As bad actors continue to hone their skills and governments keep raising the penalty for getting breached, large organizations across the globe seem to be doing little to mitigate the risks associated with cybercrime – despite knowing better for years.

Read More

Why CISOs Should Understand the Threat Landscape To Bolster Security in 2018

Feb 08 by Luana Pascu

Doctors can’t prescribe proper treatment for patients without identifying and analyzing symptoms to make a clinical diagnosis. It’s the same for CISOs, who are responsible for their organization’s digital health.

Read More

Businesses rushing to adopt new tech are opening more doors to hackers – research

Jan 27 by Filip Truta

While modern technology makes possible new business models to drive growth and profitability, digital transformation opens your business to more cybersecurity risks, according to a survey by Thales and 451 Research.

Read More

Cyber-attacks now cost businesses over $1M on average, can sink small companies

Sep 26 by Filip Truta

As of 2017, a single cyber incident can put a small company out of business, according to new research by Ponemon Institute. The findings confirm Bitdefender’s predictions for 2017 that targeted attacks would increase due to poor security of corporate networks.

Read More

Email is Deprecated, but Still a Threat

Feb 22 by Bogdan Dumitru

It’s been 38 years since the invention of email and today, it is still the number one communication tool in and out of enterprises. While technology, hardware, infrastructure and the internet itself evolved tremendously in the past almost 4 decades, email is the spoiled child of the family that declines to grow up. 

Read More

Cloud Security




Subscribe to Blog Updates

Latest Tweets

Posts by Month