Subscribe to Email Updates

Subscribe

All about Virtualization and Cloud Security | Recent Articles:

2018 Is the Worst Year for Corporate Security; Executives Lack Cohesive Security Plan

May 24 by Luana Pascu

Security executives fear cyberattacks will heavily target critical infrastructures in the near future, but they don’t seem to be doing much about enforcing security policies that also cover IoT devices. Despite the major threat they pose, connected devices have so far been overlooked in security policies. It appears that in general, in spite of the increasing awareness of high-profile cyberattacks and threats, enterprises tend to look the other way rather than invest properly in a cybersecurity strategy.

Read More

Loopholes in Cloud Security Exposed Online 50% of Corporate Databases

May 21 by Luana Pascu

Cloud security has grown into a major issue for enterprises, as only one company in six encrypts all data, according to a Bitdefender survey. While 85% of CISOs fear security flaws in the public cloud, as many as 51 percent of enterprises don’t properly secure their cloud storage services, according to RedLock, leaving their data exposed to hackers.

Read More

[INFOGRAPHIC] Cryptomining Madness Explained

Update November 2019: One of the most notable cryptojacking attacks of 2019 was based on Microsoft's BlueKeep vulnerability, which was used to deliver cryptomining software to legacy Windows systems starting summer 2019.

This proves that cryptomining is still a preferred payload for attackers who receive immediate financial rewards from each victim they infect without their knowledge.

Read More

Insider Threats Remain #1 Security Headache for Organizations, Research Shows

Apr 27 by Luana Pascu

Businesses cannot come up with a mitigation strategy to efficiently detect, identify and manage insider threats, according to research from the Ponemon Institute, so they risk the loss of critical confidential data and resources, network shutdown and reputational damage. In the past year, 159 organizations from the United States, Canada, Europe, Middle East, Africa, and the Asia-Pacific region dealt with 3,269 security breaches caused by insider threats due to plain negligence.  

Read More

Researchers Use Machine Learning, Cybersecurity Practices to Secure US Power Grid

Apr 25 by Luana Pascu

In 2015, Russian hackers shut down Ukraine’s electrical grid after infecting the infrastructure with malware. It was only a matter of time until they would target the US power system. As of 2016, US critical operational infrastructures have been under siege by "Russian government cyber actors," as described by the Department of Homeland Security and the FBI.

Read More

Is Cryptojacking Here to Stay?

Like most groundbreaking inventions, cryptocurrencies bring a moral paradox: while some people consider them a revolutionary tool to make the world a better place, others already use it to fuel their illegal activities. Therefore, it was just a matter of time before this energy-hungry activity became a serious cybersecurity issue.

Read More

Enterprise Networks Hit by Cryptominers; 2.5 Billion Attacks Blocked in Six Months

Apr 13 by Luana Pascu

Cryptomining transactions, seen as a terrific money-making scheme separate from the traditional online advertising, are growing faster than ever, concluded security researchers after 2.5 billion attacks were blocked in enterprise networks in the past six months.

Read More

Coin Miner Reports Outrank Ransomware by Two Orders of Magnitude, According to Bitdefender Telemetry

Mar 27 by Liviu Arsene

Bitdefender telemetry revealed that from September 2017 until February 2018, ransomware reports have followed a descending curve, while coin miner reports have increased by 130 percent by January 2018. Interestingly, cryptojacking is currently one of the fastest spreading cyber threats, already outranking ransomware’s exposure by a factor of 1 to 100 according to Bitdefender’s intelligence, and is recently displaying targeted behavior, by leveraging fileless techniques and exploits to infiltrate organizations and spread laterally.

Read More

Changes to Data Breach Notifications in the Air

Mar 14 by George V. Hulme

Ever since the first data breach notification law went into effect July 1, 2003 in California (SB 1386), there has been controversy surrounding what types of data being exposed should trigger data breach notifications, who should be notified, and how quickly they should be notified. In fact, it’s become somewhat of a mess.

Read More

The Five Attributes Needed to Succeed at DevSecOps

Feb 27 by George V. Hulme

It’s hard to believe but the conversation around how security fits in DevOps has been going on for years. It was in 2012 when Gartner analyst Neil MacDonald wrote his blog DevOps Needs to Become DevOpsSec. In this blog MacDonald wrote “DevOps seeks to bridge the development and operations divide through the establishment of a culture of trust and shared interest among individuals in these previously siloed organizations. However, this vision is incomplete without the incorporation of information security, which represents yet another silo in IT.”

Read More

Employee Training a Security Priority for Financial CISOs in 2018, Study Says

Feb 14 by Luana Pascu

In the past two years, cyberattacks on the financial sector have picked up speed. As companies in the sector struggle with the major shift toward digital transformation, some are caught off guard by the significant rise of malware designed specifically to target their sector, such as Dyre Trojan, Dridex, hybrid banking Trojan GozNym and TrickBot. Once the network is infiltrated, hackers can easily steal, read, alter and even erase top secret information.

Read More

Get more value from your threat intelligence

Dec 27 by George V. Hulme

Many cybersecurity organizations are of the opinion that threat intelligence can prevent, or if not prevent entirely at least lessen, the impact of successful breaches.

Read More

Cloud Security




Subscribe to Blog Updates

Latest Tweets