Cisco’s Ash Devata on the Future of Secure Access
Authentication used to be binary: I give you access or I don’t give you access. But with the rise of remote/hybrid work and the growing number of cloud applications in use, organizations need an even more precise approach to authentication, says Ash Devata, vice-president and general manager of Cisco Zero Trust and Duo Security. “Every…
DoS Vulnerability Allows Easy Envoy Proxy Crashes
Researchers have discovered a denial-of-service (DoS) vulnerability in Envoy Proxy, which gives attackers the opportunity to crash the proxy server. This could lead to performance degradation or unavailability of resources handled by the proxy, according to JFrog Security Research, which disclosed the vulnerability (CVE-2022-29225). Envoy is a widely used open source edge and service proxy…
Tony Jarvis on Shifting Security Gears as We Move to the Cloud
The pandemic-propelled shift to work-from-home and bring-your-own-devices accelerated the already expanding move to the cloud. IDC predicts that global cloud spending will grow from $703 billion in 2021 to $1.3 trillion in 2025. Statista reports that the percentage of corporate data stored on the cloud rose from 30% in 2015 to 48% at the beginning…
Cloud collaboration tools: The critical ingredient driving the success of new hybrid working models
As organisations pivot to hybrid working models, cloud collaboration tools have proved they are scalable, secure, and resilient – finally dispelling any lingering concerns that the technology is not yet enterprise ready. In fact, one of the key messages from the recent CIO Cloud Transformation Summit was that this technology has dramatically transformed the business…
Gurucul Launches Cloud-Native SOC Platform Pushing the Boundaries of Next-Gen SIEM and XDR with Identity Threat Detection and Response
RSAC 2022, Gartner SRM 2022, and Los Angeles, Calif. – Jun 2, 2022 – Gurucul, the leader in Next-Gen SIEM, XDR, UEBA and Identity Access Analytics, today announced availability of the Gurucul Security Analytics and Operations Platform. A cloud-native, unified and modular platform for consolidating core security operations center (SOC) solutions with the vital addition…
Linux Trojan XorDdos Attacks Surge, Targeting Cloud, IoT
Cybercriminal use of the Linux Trojan known as XorDdos is on the rise, according to a new report, which found a 254% increase in malicious activity against Linux endpoints using the malware over the last six months. It was first discovered in 2014, and the Microsoft 365 Defender Research Team explained in a recent blog…
Atlassian Patches Critical Authentication Bypass Vulnerability in Jira
The security flaw, identified as CVE-2022-0540, is an authentication bypass issue that affects Seraph, the web authentication framework of Jira and Jira Service Management. A remote, unauthenticated attacker could exploit this vulnerability to bypass authentication and authorization by sending a specially crafted HTTP request. Many versions of Jira are affected, but the vendor noted that…
RBI and the Importance of Integrated Threat Protection
It sounds like a nearly perfect cybersecurity solution: Intercept incoming data before it reaches the user’s web browser; isolate it in a secure sandbox; and send only the screen images—or pixels—to the browser. The ephemeral server is fully isolated from the organization’s IT assets and data, and its browser sessions are destroyed when the user…
Attacks Abound in Tricky Threat Terrain: 2021 Annual Cybersecurity Report
The digital transformations that had enabled many enterprises to stay afloat amid the Covid-19 health crisis also brought about major upheavals in cybersecurity, the impact of which was still widely felt in 2021. Trend Micro detected and blocked more than 94 billion threats over the course of last year, keeping pace with malicious actors who…
Catalogic and Backblaze join forces to provide protection against ransomware and data loss
Catalogic Software announced a new partnership with Backblaze to offer ransomware protection for enterprise and Kubernetes backups. Catalogic’s enterprise data protection software, DPX, provides robust backup and recovery capabilities and integrates seamlessly with Backblaze B2 Cloud Storage to provide a secure, fast, and infinitely scalable backup target. CloudCasa by Catalogic now supports Backblaze B2 as…
