Inside Atlassian’s zero trust implementation
The COVID-19 pandemic forced many companies to adapt to a new work-from-home reality. We’re now past the initial shock of the COVID-19 pandemic, which forced many companies to quickly adapt to a new work-from-home reality. In the early days, business continuity, often at the expense of security, was the priority in decision making around remote…
Is Your Encryption Ready for Quantum Threats?
In October 2019, Google announced it had achieved “quantum supremacy” in a Forbes article entitled “Quantum Computing Poses An Existential Security Threat, But Not Today.” The Google team had developed a quantum computer that could complete a computation in just over three minutes instead of the 10,000 years it would have taken on a traditional…
Elusive hacker-for-hire group Bahamut linked to historical attack campaigns
Attack attribution is one of the most difficult aspects of malware research and it’s not uncommon for different security companies to attribute attack campaigns to different threat actors only to later discover that they were the work of the same group. However, a new paper by researchers at Blackberry stands out by exposing an elusive…
Ransom from Home – How to close the cyber front door to remote working ransomware attacks
Coronavirus has caused a major shift to our working patterns. In many cases these will long outlast the pandemic. But working from home has its own risks. One is that you may invite ransomware attacks from a new breed of cyber-criminal who has previously confined his efforts to directly targeting the corporate network. Why? Because…
Securing Microsoft Teams: The options are limited
As more remote work from home happens, your collaboration tools need more scrutiny. A popular choice for instant messaging and video conferencing is Microsoft’s Teams, and securing this application will be a challenge. Teams already has had one major exploit that would allow a malicious actor to use the Microsoft Teams Updater to download any…
Are employees the weakest link in your security strategy? Train them!
Email is the number one threat vector. There’s no exception, even with a global pandemic, on the contrary: COVID-19 has been used as an appealing hook by cyber criminals. Data from Trend Micro Smart Protection Network shows that for the first five months of 2020, 92 per cent of all the cyber threats leveraging COVID-19…
How to secure vulnerable printers on a Windows network
At the recent Black Hat conference, Peleg Hadar and Tumar Bar of SafeBreach Labs pointed out that the way to a network’s heart is often through its printers. In 2010, one of the vulnerabilities Stuxnet used was a remote code execution on a computer with printer sharing enabled. To reach Iran’s centrifuges, Stuxnet exploited a…
A 2020 approach to security: People matter
The information security industry frequently utilizes the phrase “people, processes and technology” (PPT) to describe a holistic model of securing the business. But though this phrase is repeated ad nauseum, we seem to have forgotten one of those three primary pillars: people. In an effort to secure things technically, we prioritize the protection of our…
16 top endpoint protection platforms
Endpoint security has long been an important part of cybersecurity within any enterprise’s overall security architecture, particularly to provide protection for remote devices that connect to an enterprise network. When laptops, smartphones, or desktop computers connect to a network, they establish network nodes and create points of vulnerability. Endpoint security might also be used with…
Ericom Application Isolator separates corporate apps from unauthorized users to prevent ransomware
Ericom Software announced the introduction of Ericom Application Isolator, a new solution that integrates with existing remote access VPNs and Next Generation Firewalls to secure corporate applications and data from the security risks associated with excessive access rights inside a network. Ericom Application Isolator addresses the security risks created by the broad access rights granted…