All about Virtualization and Cloud Security | Recent Articles:

In 2015, Russian hackers shut down Ukraine’s electrical grid after infecting the infrastructure with malware. It was only a matter of time until they would target the US power system. As of 2016, US critical operational infrastructures have been under siege by "Russian government cyber actors," as described by the Department of Homeland Security and the FBI.

Like most groundbreaking inventions, cryptocurrencies bring a moral paradox: while some people consider them a revolutionary tool to make the world a better place, others already use it to fuel their illegal activities. Therefore, it was just a matter of time before this energy-hungry activity became a serious cybersecurity issue.

Cryptomining transactions, seen as a terrific money-making scheme separate from the traditional online advertising, are growing faster than ever, concluded security researchers after 2.5 billion attacks were blocked in enterprise networks in the past six months.

Bitdefender telemetry revealed that from September 2017 until February 2018, ransomware reports have followed a descending curve, while coin miner reports have increased by 130 percent by January 2018. Interestingly, cryptojacking is currently one of the fastest spreading cyber threats, already outranking ransomware’s exposure by a factor of 1 to 100 according to Bitdefender’s intelligence, and is recently displaying targeted behavior, by leveraging fileless techniques and exploits to infiltrate organizations and spread laterally.

Ever since the first data breach notification law went into effect July 1, 2003 in California (SB 1386), there has been controversy surrounding what types of data being exposed should trigger data breach notifications, who should be notified, and how quickly they should be notified. In fact, it’s become somewhat of a mess.

It’s hard to believe but the conversation around how security fits in DevOps has been going on for years. It was in 2012 when Gartner analyst Neil MacDonald wrote his blog DevOps Needs to Become DevOpsSec. In this blog MacDonald wrote “DevOps seeks to bridge the development and operations divide through the establishment of a culture of trust and shared interest among individuals in these previously siloed organizations. However, this vision is incomplete without the incorporation of information security, which represents yet another silo in IT.”

In the past two years, cyberattacks on the financial sector have picked up speed. As companies in the sector struggle with the major shift toward digital transformation, some are caught off guard by the significant rise of malware designed specifically to target their sector, such as Dyre Trojan, Dridex, hybrid banking Trojan GozNym and TrickBot. Once the network is infiltrated, hackers can easily steal, read, alter and even erase top secret information.

Many cybersecurity organizations are of the opinion that threat intelligence can prevent, or if not prevent entirely at least lessen, the impact of successful breaches.

In 2017, global spending on cybersecurity totaled about $86.4 billion, while in 2018 businesses will reportedly spend $93 billion, according to estimations from Gartner.

Each December, security researchers make predictions for the following year, and they always seems to sound the same: attacks will increase, malware will be more sophisticated because hackers are upping their game, so IT executives must secure their infrastructure or else. So what can enterprises expect from the threat landscape in 2018?

There’s been a continuous increase in the use of Machine Learning but, despite the recent hype, the technology is not new. While researchers have been playing with artificial neural networks from as early as the 1950s, machine learning is not new even in the context of cybersecurity.

New research reveals that cyber-attacks by unsophisticated hackers this year have successfully exploited vulnerabilities that many of the world's famed businesses were already aware of but did nothing to fix.