Copy
View this email in your browser

Thursday, October 14, 2021

A selection of the top articles and videos from the last week on SecuritySenses.com. Don't forget to check back regularly for daily updates from around the globe.

If you like SecurityBuzz, why not forward it to some friends or share the online version?

Until Next Time! 👏

Tweet
Share
Share
Forward
Featured Post

An overview of the MSP industry in terms of IT management and security

12-Oct-21   |   By Nisha Balajee   |   In ManageEngine , MSP
ManageEngine

A recent survey of IT professionals found that 59% of organizations have adopted managed service provider (MSP) services to oversee and monitor their network infrastructure. A quick glance at the MSP sector prompts the basic question: why do organizations outsource their IT control to service providers? The reasons include trimming costs associated with IT network maintenance and receiving better IT support for network issues when they arise. This corresponds to the definition of managed services; the MSP assumes an ongoing responsibility for 24-hour monitoring, managing, and problem resolution for the IT systems within a business.

Read More
Featured Post

3 ways to steer clear of ransomware attacks

11-Oct-21   |   By Manish Mandal   |   In ManageEngine , Cyberattacks
ManageEngine

It can be hard to react to and remediate ransomware attacks; by the time you realize you're under attack, you're already in damage control mode. The sheer number of ransomware attacks that take place isn't surprising. Though organizations across the globe have long been plagued by ransomware, the recent increase in hybrid work environments has led to a subsequent increase in cyberattacks.

Read More

4 Reasons Why Cybersecurity is Important in Banking

13-Oct-21   |   By Kasey Hewitt   |   In SecurityScorecard , Finance
SecurityScorecard

Organized cybercriminals are leaving traditional bank robbers in the dust. Nowadays, the banking sector’s most significant security concerns come in the form of online threats. Banks and other financial institutions process millions of transactions daily, with the majority of the transactions done via digital payment transfer platforms. For that reason, banks have become enticing targets for cybercriminals. So how can the banking sector stay ahead of new attack methods and improve its cybersecurity posture? Let’s find out.

Read More

The Impact of Mobile Spyware on Endpoint Protection

13-Oct-21   |   By The Editor   |   In WatchGuard , Endpoint Security
WatchGuard

The discovery of the Pegasus spyware demonstrated that no system is 100% secure or inaccessible, especially when it was discovered that this malicious program mainly affected iPhones. Apple has long boasted about the security of its iOS platform; however, a security breach – already fixed by the California-based company through an emergency update – allowed the dreaded spyware to access its mobile phones by launching zero-click attacks (which don’t require the victim to click on a link or file) and are even more serious. This discovery has highlighted the risk of using mobile phones in the workplace, raising the question of how we can do this safely.

Read More

Secure Socket Shell (SSH) Key Management: Risks, Benefits, and 6 Security Best Practices

13-Oct-21   |   By Ekran   |   In Ekran , Insider Threats
Ekran

Protecting your sensitive data and other critical assets requires establishing secure access to them in the first place. Lots of organizations do this by protecting their remote servers and corporate systems with SSH keys. However, even SSH keys can be compromised and abused by malicious actors. In this article, we talk about SSH keys and their role in secure authentication processes as well as about the benefits of effective SSH key management. Also, we offer six useful practices that will help you secure your digital keys.

Read More

4 Cost-effective Cybersecurity Solutions to Enhance Your Defensive Posture Today

13-Oct-21   |   By Haley Ashley   |   In Teramind , Insider Threats
Teramind

October is Cybersecurity Awareness Month, which means that companies are once again surveying the threat landscape. They can’t like what they see. By July 2021, threat actors attempted more than 304 million ransomware attacks, surpassing the 2020 total just halfway through the year. At the same time, the number of phishing scams is soaring, and the cost of a data breach is more expensive than ever before, reaching $4.24 million, according to the most recent industry study.

Read More

What is Open Source Intelligence?

13-Oct-21   |   By Catherine Chipeta   |   In UpGuard , Open Source
UpGuard

Open source intelligence (OSINT) is the process of identifying, harvesting, processing, analyzing, and reporting data obtained from publicly available sources for intelligence purposes. Open source intelligence analysts use specialized methods to explore the diverse landscape of open source intelligence and pinpoint any data that meets their objectives. OSINT analysts regularly discover information that is not broadly known to be accessible to the public. OSINT includes any offline or online information that is publicly available, whether free of cost, purchasable or obtainable by request.

Read More

IAM 101 Series: What Is CIAM?

13-Oct-21   |   By Tim Bedard ·   |   In ForgeRock , Access Management
ForgeRock

A customer identity and access management solution, or CIAM, is the foundation for building deeper relationships with your customers. Enterprise organizations rely on CIAM to acquire customers faster, deliver a great customer experience, and protect customer data. To learn more about how CIAM works, its benefits, and how it can help propel your business forward, keep reading.

Read More

SIEM use cases: the importance of bespoke threat detection rules

13-Oct-21   |   By Scott Hanson   |   In Redscan , SIEM
Redscan

However, SIEM requires the effective application of use cases or threat detection rules to achieve its full potential. In the first of this two-part series, we outline the importance of SIEM use cases (or rules) and the limitations of relying upon those provided out of the box with SIEM platforms.

Read More

Why access management needs to evolve beyond passwords

13-Oct-21   |   By David Bisson   |   In AT&T Cybersecurity , Access Management
AT&T Cybersecurity

Access management is a key element of any enterprise security program. Using policies defined by IT administrators, access management enforces access rights across the network. It does this by designating which groups of users are allowed access to which applications and identifying which user attributes are required to access each application. Problems arise for businesses when they base their access management programs entirely around passwords, however. Such programs overlook the burden that passwords can cause to users as well as to IT and security teams.

Read More

Running IT at a hyper growth startup

13-Oct-21   |   By Travis Gary   |   In Teleport , DevOps
Teleport

At Teleport we do IT a little differently — supporting a global remote company in hypergrowth is no easy feat and the playbook is different from traditional IT work. In this article, we want to share some of our IT philosophies that enable our employees to keep their agility despite working very asynchronously around the world.

Read More

How and Why Egnyte Redesigned Its Core Configuration System

13-Oct-21   |   By Ran Biron   |   In Egnyte , Content Management
Egnyte

Configuration at scale is hard. At Egnyte, we’d developed a flexible system that was advantageous early on but put increasing stress on our engineers and processes as the company grew. And, being a cloud deployed software product, we needed to be able to serve all of its customers, which meant we had to come up with a solution that addressed our current challenges and set us up to support our future growth as well.

Read More

48 Percent of UK businesses experience cyber breach during the pandemic

12-Oct-21   |   By SecureAge   |   In SecureAge , Data Breaches
SecureAge

New study by SecureAge reveals key trends in cybersecurity during COVID-19 and lack of preparedness.

Read More

Finding Patterns in the Chaos With User and Entity Behavior Analytics (UEBA)

12-Oct-21   |   By Sundaram Lakshmanan   |   In Lookout , Mobile
Lookout

There’s a great scene in the 1997 film “Contact” where the protagonist Dr. Eleanor Arroway, played by Jodie Foster, is informed that her lab’s funding has just been revoked. Arroway’s lab partner explained that the government lost faith in the project due to concerns of her engaging in questionable activities, such as watching static on TV for hours. To this, she responds angrily: “I was looking for patterns in the chaos, come on!” This is a great analogy to what User and Entity Behavior Analytics (UEBA) does automatically for you, so you don’t have to. While Arroway may have been looking for signs of life on different planets, spotting abnormal or malicious patterns in user and entity behavior can be just as difficult with the bare eye.

Read More

2020 Was the Year of the Phish. Let's Make Sure 2021 Isn't a Sequel

12-Oct-21   |   By Noor Boulos   |   In ThreatQuotient , Cyberattacks
ThreatQuotient

2020 was the year of the phish. Well, not officially. According to the Chinese Zodiac, 2020 was the Year of the Rat. But if you look at it from a cyberattack trends perspective, plenty of third parties reported a huge uptick in phishing attacks during 2020. The SANS 2021 Top New Attacks and Threat Report points to both the Microsoft Digital Defense Report 2020 and the 2021 Data Breach Investigations Report as key sources that validate phishing as the most common initial compromise vector. The FBI concurs, stating that phishing was the most common type of cybercrime in 2020, with the bureau receiving 241,342 complaints in 2020.

Read More

Container security best practices: Ultimate guide

12-Oct-21   |   By Álvaro Iradier   |   In Sysdig , Containers
Sysdig

Sticking to container security best practices is critical for successfully delivering verified software, as well as preventing severe security breaches and its consequences. According to the 2020 CNFC Survey, 92 percent of companies are using containers in production, a 300 percent increase since 2016. Thus, Kubernetes, Openshift, and other container technologies are present everywhere. But aren’t containers meant to be safe and isolated? Well, kind of.

Read More

Optimization is the CISO's COVID Endgame

12-Oct-21   |   By Lamont Orange   |   In Netskope , CISO
Netskope

When the COVID-19 pandemic descended on the U.S., companies took a no-holds-barred approach to maintain their operations. Employees up and down organizational structures were told to work from home, and IT teams were tasked with making that happen. The timeline was short, and approval processes moved quickly, which meant changes to network access and security were made more quickly, and in some cases more haphazardly, than in a “normal” situation.

Read More

Avoiding Cyber Security False Positives

12-Oct-21   |   By Reciprocity   |   In Reciprocity , Risk Management
Reciprocity

Today’s organizations are vulnerable to all kinds of cyberattacks, which NIST (the National Institute of Standards & Technology) defines as an event that disrupts, disables, destroys, or maliciously controls a computing environment, destroys data integrity, or steals controlled information. Expert security teams know that attackers might compromise the enterprise network, systems, or applications; or steal data at any time through any number of means.

Read More

What is Privileged Access Management (PAM)? Definition & Examples

11-Oct-21   |   By Kasey Hewitt   |   In SecurityScorecard , Access Management
SecurityScorecard

As organizations migrate to the cloud and adopt more “as-a-Service” technologies, identity and access have become the perimeter. Remote workforces mean that limiting access according to the principle of least privilege is a fundamental security control. As part of securing applications and networks, organizations need to focus on users with privileged access because they pose greater insider and credential theft risks. Understanding privileged access management (PAM) and the various privileged users in your organization can mitigate data security and privacy risk.

Read More

CloudCasa Launches Kubernetes Persistent Volume Backup with Simple Pricing, Automation and Secure Cloud Storage

11-Oct-21   |   By Bob Adair   |   In CloudCasa , Backup
CloudCasa

Just in time for KubeCon + CloudNativeCon North America 2021, Catalogic Software launched the general availability of its premium service for CloudCasa, a powerful Kubernetes backup service that is easy to use, affordable and comes with a generous free service tier. With our Activate Your Kubernetes Backup Superpower theme at KubeCon, CloudCasa unleashes the backup superpower for DevOps and IT teams. They can now be confident that their enterprise Kubernetes data is protected and tamper proof, while at the same time, they can be sure they are only paying for the data they are protecting, and not for how many clusters or worker nodes their Kubernetes applications are using.

Read More

Seven new (and convincing!) phishing scams to watch out for

11-Oct-21   |   By Egress   |   In Egress , Email Security
Egress

Cybersecurity would be so much simpler if criminal groups would stick to the same old tried and tested methods. Sadly, that’s never going to happen – they’re persistent and creative. Instead, cybersecurity teams need to keep up to date with the latest tricks in the criminal playbook. There’s no standing still when it comes to cybercrime. Just as the neatest garden will eventually be overrun with weeds without a vigilant gardener watching over it, better cybersecurity defences are constantly needed when new phishing attacks pop up. And so the arms race goes on…

Read More

How To Securely Share Documents Outside Your Company

11-Oct-21   |   By David Buster   |   In Egnyte , Content Management
Egnyte

Most companies have internal policies and controls to regulate exposure of sensitive information. Employees are trained, and tools are used to enforce those policies. However, those same safeguards don’t exist when your business needs to share sensitive information with third parties. Contracts, detailed project plans, product designs, future advertising campaigns—these are just some of the examples of files and documents you may need to share outside the company but still need to protect from bad actors and unauthorized users. These scenarios play out every day across the business world, and it raises an important security question: how do you control something when it’s out of your control?

Read More

Breaking it Down: The Difference Between InfoSec Compliance Types

11-Oct-21   |   By Reciprocity   |   In Reciprocity , Compliance
Reciprocity

Compliance is an essential part of any business. From a corporate perspective, it can be defined as ensuring your company and employees follow all laws, regulations, standards, policies and ethical practices that apply to your organization. In the context of information security, it means ensuring your organization meets the standards for data privacy and security that apply to your specific industry. And with the growing number of breaches and cyber attacks, this infosec compliance has become more critical to your business compliance program than ever before.

Read More

Risk Control Measures That Work

11-Oct-21   |   By Reciprocity   |   In Reciprocity , Risk Management
Reciprocity

Conducting a regular risk assessment is an integral part of any organization’s overall risk management program — and sometimes even a legal requirement, depending on your industry, contractual obligations, or the number of persons you employ. A risk assessment is the systematic process of identifying threats or hazards in your work environment, evaluating the potential severity of those risks, and then implementing reasonable control measures to mitigate or remediate the risks.

Read More

The Changing Role of the CISO

10-Oct-21   |   By Michelle Gunter   |   In Tripwire , CISO
Tripwire

Back in the early days of networking, many companies assigned all of the responsibilities to anyone who showed any aptitude towards operating a computer. In many companies, this was an accountant or someone else who also managed sensitive financial information. The assumption was that the person managing the corporate books was the most trustworthy person in the organization. This is perhaps true of finance, but as you can imagine, not only were the networks poorly managed, but the security consisted of whatever the software manufacturer put into place.

Read More

The Different Types of Risk Assessment Methodologies

08-Oct-21   |   By Reciprocity   |   In Reciprocity , Risk Management
Reciprocity

Risk is inherent to all businesses, regardless of your industry — and to prevent those risks from causing harm, you must first know what threats you are facing. The foundation of any successful risk management program is a thorough risk assessment, which can take many forms depending on what methodology best suits your needs. Risk assessment is the process of determining what threats confront your organization, the potential severity of each threat, and how to keep the likelihood of damage as low as possible.

Read More

How to hand over your cryptocurrency

08-Oct-21   |   By Nick Summers   |   In 1Password , Blockchain
1Password

If you own any virtual currency, what will happen to it after you’ve passed away? Would your friends and family know what you owned? Or how to access the funds?

Read More

User Entitlement Review Explained

08-Oct-21   |   By Tiffany Sexton   |   In Netwrix , Access Management
Netwrix

The entitlement review definition is simple: a review of user access permissions and other rights. The goal of a user entitlement review is to ensure that each user in the IT environment has access to the data they need to do their job and nothing more — the principle of least privilege. A structured and regular entitlement review process helps mitigate security risks and protect sensitive data.

Read More

BulletProofLink and the rise of phishing as-a-service

08-Oct-21   |   By Jed Kafetz   |   In Redscan , Cyberattacks
Redscan

In this blog post, we outline how the campaign works and the steps organisations can take to reduce the potential risks created by this and other email-based attacks.

Read More

SSH Tunneling Explained

08-Oct-21   |   By Sakshyam Shah   |   In Teleport , Cloud
Teleport

Although the typical use case of SSH is to access a remote server securely, you can also transfer files, forward local and remote ports, mount remote directories, redirect GUI, or even proxy arbitrary traffic (need I say SSH is awesome?). And this is just a small set of what’s possible with SSH. In this post, I’ll cover different tunneling features as supported by OpenSSH, which helps achieve security use cases such as remote web service access without exposing port on the internet, accessing server behind NAT, exposing local port to the internet. OpenSSH is the most widely used open-source SSH server. It comes pre-installed by default with the vast majority of Linux distributions.

Read More

How Hackers Exploit Passive and Active Attack Vectors

08-Oct-21   |   By Reciprocity   |   In Reciprocity , Hacking
Reciprocity

Learn about the methods cybercriminals use to exploit passive and active attack vectors so you can better protect your business or organization from cyberattacks. Cybercriminals will use any means they can to penetrate your corporate IT assets and exploit any vulnerabilities they find. Your ability to predict and prepare for these incidents could mean the difference between preventing a data breach and recovering from one.

Read More

Securing the edge with Zero Trust

07-Oct-21   |   By Bindu Sundaresan   |   In AT&T Cybersecurity , Security
AT&T Cybersecurity

The proliferation of cloud computing, mobile device use, and the Internet of Things has dissolved traditional network boundaries. Today, the network perimeter has evolved as workloads have moved to the cloud while non-managed, mobile devices have become the norm rather than the exception. The location of applications, users, and their devices are no longer static. Data is no longer confined to the corporate data center. Gaps in visibility and protection continue to widen as the attack surface evolves, forcing companies to bolt on multiple, disconnected tools to see and secure everything

Read More

Ransom disclosure law would give firms 48 hours to disclose ransomware payments

07-Oct-21   |   By Graham Cluley   |   In Tripwire , Malware
Tripwire

Organisations who find their networks hit by a ransomware attack may soon have to disclose within 48 hours any payments to their extortionists. That’s the intention of the Ransom Disclosure Act, a new bill proposed by US Senator Elizabeth Warren and Representative Deborah Ross. Ransomware victims are not currently required to report attacks or ransom payments to federal authorities, but the new bill would require all ransomware victims (excluding individuals) to disclose the following information within 48 hours of a ransom payment.

Read More

3 Tips to Building a Risk-Aware Culture

07-Oct-21   |   By Reciprocity   |   In Reciprocity , Risk Management
Reciprocity

Enterprise organizations and government agencies worldwide are focused on strengthening their computer networks against the risk of a cyberattack. However, a cybersecurity program is only as strong as its weakest link – and that link is often an employee. Yes, employees remain the biggest cybersecurity threat today. So, in addition to putting the right security controls and tools in place, your Information Security team needs to create a more risk-aware culture. To do this, they need to build internal awareness of the importance of risk management, as well as drive participation across the entire organization.

Read More

Learn About the Digital Operational Resilience Act

07-Oct-21   |   By Reciprocity   |   In Reciprocity , Legislation
Reciprocity

Around the world, and particularly over the past few years, regulators have been looking for ways to strengthen the resilience of the financial sector. In the European Union, regulators within the European Commission (EC) have taken a concrete step to meet this objective through the Digital Operational Resilience Act (DORA). The EC published a draft version of DORA in September 2020.

Read More

WhiteSource Cure: Automated Remediation for Developers

07-Oct-21   |   By Cobi Tal   |   In WhiteSource , DevOps
WhiteSource

Keeping up with today’s rapidly evolving threat landscape is an ongoing battle for software development organizations, as many struggle to keep their assets and customers secure while keeping up with the competitive pace of software delivery.

Read More

SnykCon 2021 Partner Day recap: New partners, service offerings, and Snyk Apps

07-Oct-21   |   By Sarah Conway   |   In Snyk , DevOps
Snyk

More than 600 Snyk partners joined us earlier this week for our second annual SnykCon Partner Day. In this blog post, we’ll outline the tremendous success Snyk is experiencing by working closely with our 100+ channel, technology alliance, cloud/marketplace, and system integrator partners. Collaboration with our partners is accelerating new market services and solutions offerings, extending our platform’s functionality and interoperability, and enabling a level of scale and ecosystem expansion Snyk could not create on our own.

Read More

Strong Relationships Matter More When MSPs Consolidate Vendors

07-Oct-21   |   By The Editor   |   In WatchGuard , Endpoint Security
WatchGuard

A rising tide lifts all boats. This common phrase offers a perfect explanation of why strong supplier and partner relationships are essential to the success of your business. Partner programs come in all shapes and sizes, but not all provide the same value to you and your business. However, when you invest in developing key business collaborations, both your company and its suppliers can reap the rewards of your efforts. In a new MSSP Alert article from WatchGuard Channel Marketing Specialist Joe Tavano, he looks at a few ways a strong relationship with a single vendor can bring value to your business.

Read More
Copyright © 2021 OpsMatters, All rights reserved.


Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp