Search results for: zero trust

week in review

Week in review: Windows EoP flaw still exploitable, GoDaddy breach, malicious Python packages on PyPI

Here’s an overview of some of last week’s most interesting news, articles and interviews: After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379) A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its discoverer, still exploitable. GoDaddy breach: SSL keys, sFTP, database passwords of WordPress customers exposed GoDaddy, the popular internet domain registrar and web hosting company, has suffered … More

IoT connection

Your supply chain: How and why network security and infrastructure matter

With digital transformation, the rapid adoption of cloud computing and the IoT, and the global scale of today’s supply chains, cybercriminals have more entry points to networks and access to data than ever before. In the past year alone, cyberattacks on the supply chain have negatively impacted industries across the globe almost four times more than last year, with no slowing in sight. Business leaders and organizations must prioritize securing supply chains and be aware … More

zero

Companies ditching VPNs for zero trust architectures to secure hybrid workplaces

Hybrid workplaces are the new norm, with 99% of respondents’ reporting their workforces will split time between the office and remote settings post-pandemic, a Teradici survey of more than 8,000 respondents across a range of industries reveals. The survey also found that concerns about endpoint security and data integrity are skyrocketing as Bring Your Own Device (BYOD) makes a comeback and employees commute with their devices. “The pandemic has caused a fundamental shift in how … More

certification

Crypto.com achieves SOC 2 certification to strengthen its security and privacy standards

Crypto.com announced it has successfully completed the Service Organization Control (SOC) 2 Audit, conducted by globally recognized audit and consulting firm Deloitte, which affirms that Crypto.com’s information security practices, policies, procedures, and operations meet the SOC 2 standards for security, availability, confidentiality and privacy. To comply with SOC 2, Crypto.com demonstrated it had established rigorous policies and procedures in accordance with the AICPA Trust Services Criteria, and SOC 2 verifies the existence of internal controls … More

fast

10 trends likely to shape the IT industry, its workforce and its business models in 2022

Companies in the business of technology and IT professionals are optimistic that the new year will bring a return to growth and new strategic innovations, according to a report published by CompTIA. The report finds an industry and workforce eager to move on from nearly two years of keeping business and careers afloat and getting back to mindset that was in place prior to the pandemic. Nearly eight in ten channel companies study said they … More

Handshake

Exclusive Networks partners with Infinipoint to extend zero trust security to device identity

Exclusive Networks announced its worldwide distribution agreement with Infinipoint, a provider of a pioneering Device-Identity-as-a-Service (DIaaS) security solution that enables the critical device pillar of the zero trust cybersecurity approach. Focusing on mid-market aligned partners – initially in Europe covering France, Germany and the UK with a view to extending across global territories from early 2022 – Exclusive will be supporting Infinipoint growth targets both through net new opportunities and by capitalising on technology integrations … More

week in review

Week in review: Intel chip flaw, shedding light on hidden root CAs, Emotet stages a comeback

Here’s an overview of some of last week’s most interesting news, articles and interviews: Researchers shed light on hidden root CAs How widespread is the use of hidden root CAs and certificates signed by them? To answer that and other questions, a group of researchers from several Chinese and U.S. universities and Qihoo 360, the company developing the 360 Secure Browser, have collected 5 months worth of certificate data from volunteer users and analyzed certificate … More

Software

VMware simplifies purchase and deployment of VMware Cross-Cloud services for AWS customers

VMware is making it easier for Amazon Web Services (AWS) customers to purchase and deploy VMware Cross-Cloud services to support their AWS environments. VMware Cross-Cloud services help AWS customers drive digital innovation with enterprise control. VMware Carbon Black Cloud and VMware Tanzu are the latest services now available in the AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy for customers to find, test, buy, and … More

eavesdropping

The six most common threats against the device that knows you best

What is the most intimate relationship in your life—aside from your partner, your children or your parents? For many of us, it’s our mobile phone. It’s the last thing we see before sleep, and it’s usually the first thing in our hands each morning. I specialize in cybersecurity not mental health, so I can’t comment on how this intimacy with a device affects our well-being. But I can say that we must secure any platform … More

security platform

BlastWave BlastShield addresses the three most common attack vectors

BlastWave announces BlastShield, an all-in-one SDP solution that combines infrastructure cloaking and passwordless multi-factor authentication (MFA) for identity-based secure remote network access for organizations who’ve adopted a zero trust security model. BlastShield enables organizations to hide on-premise and cloud workloads from outsiders and insider threats, concealing an organization’s infrastructure from cyberattacks through software-defined microsegmentation without modifications to existing network fabric and hardware. Using passwordless MFA, BlastShield prevents account takeovers while combining the SDP capabilities of … More

Software

Nebulon smartIaaS provides multi-cloud solution for hosted and customer-owned data centres

Nebulon announced the Nebulon smartIaaS solution, designed to help cloud service providers deliver new services at a lower cost across both hosted and customer-owned data centres. Nebulon also announced that UK-based service provider Inca Cloud has chosen the Nebulon smartIaaS solution with Supermicro as a part of its new cloud service, WSO by Inca. The service will be built for both hosted and private cloud deployments and will provide enterprises with a multi-cloud solution as … More

Handshake

Karlsgate and LexisNexis Risk Solutions deliver secure patient data for healthcare

Karlsgate announced that it is partnering with the Health Care business of LexisNexis Risk Solutions to introduce a secure identity resolution platform for the healthcare market. Securing patient identities remains an industry focus spurred by HIPAA, yet it often prohibits the ability of organizations to conduct other clinical and operational functions that would benefit all stakeholders. Using Karlsgate’s advanced data sharing capabilities in a zero-trust environment ensures efficient and compliant connectivity for all partners while … More