Addressed on August 2020 Patch Tuesday, the flaw was identified in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC) and can be abused by remote attackers to compromise Active Directory domain controllers and gain administrator access. To exploit the flaw, which is tracked as CVE-2020-1472, an unauthenticated attacker would need to run a specially crafted application…

The Myth of Security Enabling Your Business

Every year there are reports and surveys which make the case that security inhibits innovation, productivity and generally holds businesses back. I am not going to argue with that sentiment. Security requires that things are done in a certain manner, which can act as a constraint on wanting to do things a different way. What…

What modern cyber attacks actually look like

Sometimes, your data protection tools may actually be providing a false sense of security. A Venafi survey of 500 CIOs found that they were wasting millions of dollars on cyber security solutions that couldn’t differentiate between malicious and authorized keys and certificates, Information Age reported. As a result, 90 percent of respondents said they expect their organization to…

Data breaches: Playing by a new set of rules?

The regulator can come in and fine your organization. In fact, it could get even worst because you will become the victim of abnormal churn rate. You know that term to describe the number of customers that will leave you because they just don’t trust you anymore. Within the last year we have seen examples…

A new age of digital signatures is upon us

The increased adoption of digital signatures should not come as a surprise: many businesses are trying to digitalise their everyday processes, and digital signatures are both reliable and secure due to several features, and are increasingly easy to use. The term “digital signature” is often used interchangeably with that of “electronic signature”, but they are…

IaaS Creating New Variant of Shadow IT

Organizations cannot rely on commercial off-the-shelf (COTS) software to fulfil all their IT requirements: almost all companies develop their own custom apps. The majority of these apps, whether internal or internet-facing, currently run on datacenters owned or operated locally. By the end of 2017 this will change — the majority of enterprise custom apps will…

Why do I care about someone else’s data breach?

Because as the size of your organization increases, the probability that an individual employee’s company email is in that breach rises to 1. That lone employee is going to be suffering some unfortunate impacts, from identity theft, financial scams, blackmail, and even death threats (as seen in the Ashley Madison breach). There’s an organizational impact…