Search results for: zero trust

security platform

Codenotary extends immudb to store SOC and SIEM data with cryptographic verification

immudb has a connector to store events and data gathered by Security Operations Center (SOC) and Security Information and Event Management (SIEM) tools from Splunk, Elastic, plus IBM QRadar XDR and Microsoft Sentinel. “It’s important to store logs and events data and know that it can be trusted in six months, one year, or even five years from now, which is essential in the event of a security issue discovery and then audit and forensic … More

shield

It’s official: Digital trust really matters to everyone online

The new trust Business has always relied upon a foundation of trust. Before we did business we looked our potential business partner in the eye, shook their hand and got a sense of their trustworthiness. But trust today is based on many different things. Business interactions are increasingly online, virtual and (often) don’t involve another human being. How can we gauge trust in this digital wilderness? How can we: Make sure the people (and devices) … More

zero

Things to know and do before you switch from VPN to ZTNA

Will your organization fall apart if you don’t switch from a VPN to a zero trust network access (ZTNA) solution in the near future? I’m here to tell you it won’t. The reality of VPN vs. ZTNA For a while now, VPN has been the proven, go-to solution when thinking about the best way to provide secure connectivity and ensure safety of data in transit. In fact, many organizations today still use VPN when securing … More

data

Data backup is no longer just about operational fallback

Data backup has traditionally been in the operational domain of IT, while security teams have been responsible for threats to data from attacks. As these attacks have become more sophisticated, backups have come under threat and vendors have had to incorporate new features into their software to address attacks and protect data, according to Info-Tech Research Group. With many backup and recovery companies now referring to themselves as data protection (DP) platforms and with a … More

LastPass

LastPass says attackers got users’ info and password vault data

The August 2022 LastPass breach has resulted in potentially catastrophic consequences for the company and some of its users: attackers have made off with unencrypted customer data and copies of backups of customer vault data. The information couldn’t come at a worst time, as businesses are winding down their activities and employees and users are thick in the midst of last-minute preparations for end-of-year holidays. The LastPass breach resulted in theft of customer vault backups … More

cloud complexity

Dealing with cloud security shortfalls

72% of IT leaders believe their companies moved to the cloud without properly understanding the skills, maturity curve, and complexities of making it all work securely, according to a recent CloudBolt Software report. The results of the study should be concerning to enterprises: 68% said their organization’s security skill set across all clouds was only “somewhat mature.” Only 8% of respondents confirmed they had implemented highly operationalized cloud security practices when spinning up new compute … More

security platform

NordLayer Device Posture Monitoring checks device compliance

NordLayer’s Device Posture Monitoring allows companies to determine whether a device is compliant with existing cybersecurity policies and can be trusted to access company resources, which increases network security. Making an IT admin’s life easier Device Posture Monitoring (DPM) is a part of the zero trust network access (ZTNA) technology. The feature determines a device’s compliance with the company’s security rules no matter where the device is located, increasing the security of the company’s network. … More

binary

85% of attacks now use encrypted channels

Malware continues to pose the greatest threat to individuals and businesses across nine key industries, with manufacturing, education and healthcare being the most commonly targeted, according to Zscaler. Encrypted attacks remain a significant problem for countries around the globe, with the U.S., India and Japan seeing the biggest increases in attacks over the last 12 months. In addition, South Africa has seen a notable increase in TLS/SSL attacks compared to 2021. “As organizations mature their … More

vectors

5 cybersecurity trends accelerating in 2023

Netwrix has released key cybersecurity trends that will affect organizations of all sizes in 2023. Here are five specific trends that you need to be aware of: The business of cybercrime will be further professionalized The return of malware strains like Emotet, Conti and Trickbot indicates an expansion of cybercrime for hire. In particular, the growth of ransomware-as-a-service is enabling criminals without deep technical skills to make money, either by extorting a ransom for decryption … More

week in review

Week in review: Citrix and Fortinet RCEs, Microsoft fixes exploited zero-day

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Vulnerability with public PoC affects Cisco IP phones, fix unavailable (CVE-2022-20968) A high-risk stack overflow vulnerability (CVE-2022-20968) may allow attackers to DoS or possibly even execute code remotely on Cisco 7800 and 8800 Series IP phones, the company has confirmed. Critical FortiOS pre-auth RCE vulnerability exploited by attackers (CVE-2022-42475) A critical RCE vulnerability (CVE-2022-42475) in Fortinet’s operating system, FortiOS, is … More

payments

As legislation evolves, businesses need a firm understanding of secure payment options

Despite the constant evolution of the financial landscape, consumers are still prioritizing a seamless and safe payment journey above all else, according to PCI Pal. New technology and new payment methods are at the forefront of the industry for 2023,” according to Alessandro Dalla Volta, VP of Product at PCI Pal, “With customer service as a top priority for companies and consumers open to new options, the payments landscape is primed to expand and evolve … More

security platform

Box Shield enhancements help reduce the risk of malicious attacks

Box has unveiled several enhancements to Box Shield, the company’s flagship security solution for protecting content in the cloud. These include an introduction of its new Ethical Walls feature, which creates information barriers to help prevent conflicts of interest and improper use of insider information, and advancements to its malware scanning capability to help reduce the risk of malicious attacks. Additionally, Box added new authentication and verification controls to its platform to provide customers with … More