Category: esecurityplanet

This article has been indexed from eSecurityPlanet Security information and event management (SIEM) technology provides foundational support for threat detection. The high costs of SIEMs once made them feasible only for larger enterprise clients, but they have become more reasonable…

Read more →

This article has been indexed from eSecurityPlanet The next few years will see a surge in channel spending. According to Jay McBain, an analyst at Forrester Research, spending on IT and telecommunications will be worth about $7 trillion by 2030.…

Read more →

This article has been indexed from eSecurityPlanet Microsoft is shutting a couple of security holes, including one that has been a favored target of attackers for years and another that the enterprise software giant recently learned could be exploited to…

Read more →

This article has been indexed from eSecurityPlanet Single sign-on (SSO) is one of several authentication technologies aimed at streamlining and keeping login information and processes secure. SSO makes it feasible for one login to be enough for a group of…

Read more →

This article has been indexed from eSecurityPlanet Single sign-on (SSO) is one of several authentication technologies aimed at streamlining and keeping login information and processes secure. SSO makes it feasible for one login to be enough for a group of…

Read more →

This article has been indexed from eSecurityPlanet The UK government recently started an open-source GitHub repository to help organizations scan networks for vulnerabilities. The idea behind the Scanning Made Easy project from the National Cyber Security Centre (NCSC) and its…

Read more →

This article has been indexed from eSecurityPlanet Malware is one of the biggest threats businesses face, and with nearly a third of all malware coming through the internet and email, businesses and consumers alike need ways to protect themselves. The…

Read more →

This article has been indexed from eSecurityPlanet Tens of thousands of applications that are critical to the operations of data centers around the globe are exposed to the internet, with many secured with default factory passwords, posing a significant cyber…

Read more →

This article has been indexed from eSecurityPlanet Video conferencing vendor Zoom has seen its fortunes soar amid the remote work boom of the last two years, and other cloud collaboration platforms like Microsoft Teams and Cisco Webex have seen demand…

Read more →

This article has been indexed from eSecurityPlanet Video conferencing vendor Zoom has seen its fortunes soar amid the remote work boom of the last two years, and other cloud collaboration platforms like Microsoft Teams and Cisco Webex have seen demand…

Read more →

This article has been indexed from eSecurityPlanet Microsoft in November fended off a massive distributed denial-of-service (DDoS) attack in its Azure cloud that officials said was the largest ever recorded, the latest in a wave of record attacks that washed…

Read more →

This article has been indexed from eSecurityPlanet It seems like a week doesn’t go by without a new vulnerability demonstrating the fragility of the software interdependencies that make up the software supply chain. A large part of software development leverages…

Read more →

This article has been indexed from eSecurityPlanet The Biden Administration is pushing federal agencies to adopt a zero-trust security architecture to protect themselves and their data from “increasingly sophisticated and persistent threat campaigns,” according to a new strategy issued this…

Read more →

This article has been indexed from eSecurityPlanet As threats mount from ransomware gangs, Russian-backed hacker groups, and other nation-sponsored attackers and as the growth in remote work makes security management increasingly complicated, many companies are finding it makes sense to…

Read more →

This article has been indexed from eSecurityPlanet An easily exploited flaw in a program found in every major Linux distribution is the latest serious security issue that has arisen in the open-source space in recent weeks. Researchers at cybersecurity vendor…

Read more →

This article has been indexed from eSecurityPlanet Network monitoring is where business performance meets cybersecurity, making it a critical component of any organization’s development, security, and operations (DevSecOps) pipeline. With the rise of enterprise networks in the past few decades…

Read more →

This article has been indexed from eSecurityPlanet Virtual Private Networks (VPNs) provide secure access to business files for remote workers, making them a crucial part of an enterprise’s technology stack. But they need the right protocols to run properly. A…

Read more →

This article has been indexed from eSecurityPlanet With so many employees working remotely, the importance of secure network access control (NAC) has never been higher. In this guide, we showcase the industry’s leading NAC solutions along with an overview of…

Read more →

This article has been indexed from eSecurityPlanet The U.S. government agency overseeing cybersecurity is urging the country’s businesses and other organizations to take the necessary steps to protect their networks from any spillover that might occur from the ongoing cyberattacks…

Read more →

This article has been indexed from eSecurityPlanet Incidents of malware targeting Linux-based Internet of Things (IoT) devices jumped by more than a third in 2021, with three malware families the primary drivers behind the increase. According to a report by…

Read more →

This article has been indexed from eSecurityPlanet The profile of patch management has risen considerably in the last year due to the number of major breaches that have taken place where basic patches had been overlooked. News stories repeatedly note…

Read more →

This article has been indexed from eSecurityPlanet An astonishing incident in recent days highlights the risks of widespread dependence on open source software – while also highlighting the free labor corporations benefit from by using open source software. Marak Squires,…

Read more →

This article has been indexed from eSecurityPlanet Security researchers are continuing to see state-supported hacking groups developing tools to leverage the high-profile Log4j vulnerability that exploded onto the scene last month even as the White House and other parts of…

Read more →

This article has been indexed from eSecurityPlanet U.S. federal security agencies are putting companies on alert to potential threats from Russian state-sponsored cybercriminal groups, warning in particular about dangers to critical infrastructure and urging organizations to learn how to detect…

Read more →

This article has been indexed from eSecurityPlanet As we enter 2022, the shortage of cybersecurity pros hasn’t gotten better. In fact, it’s gotten worse. There are currently about 435,000 cybersecurity job openings available in the United States, up from approximately…

Read more →

This article has been indexed from eSecurityPlanet Information security products, services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. Investors recognize the potential too, as funding for cybersecurity ventures more than…

Read more →

This article has been indexed from eSecurityPlanet A report last week by the New York Attorney General’s Office put a spotlight on the ongoing threat of credential stuffing, a common technique used by cybercriminals that continues to spread and is…

Read more →

This article has been indexed from eSecurityPlanet About the only consensus on cybersecurity in 2022 is that things will get uglier, but in what ways? Third-party security, ransomware, artificial intelligence (AI) and decentralized finance (DeFi) are some of the threats…

Read more →

This article has been indexed from eSecurityPlanet MITRE ATT&CK (“miter attack”) is an up-to-date and widely-used knowledge base that focuses on how attackers think and operate. It’s based on practical use cases, so companies can better evaluate security issues and…

Read more →

This article has been indexed from eSecurityPlanet Cyberthreats against software supply chains moved to the forefront of cybersecurity concerns a year ago when revelations of the attack on software maker SolarWinds emerged. Now one security researcher – Moshe Zioni, vice…

Read more →

This article has been indexed from eSecurityPlanet Intrusion detection systems (IDS) and intrusion prevention systems (IPS) have long been a part of the network security toolbelt for detecting, tracking, and blocking threatening traffic and malware. With the evolution of cybersecurity…

Read more →

This article has been indexed from eSecurityPlanet Compliance issues can be tricky, especially when there are so many data privacy laws. Find out how to comply with GDPR, PIPL, and CCPA. The post How to Comply with GDPR, PIPL and…

Read more →

This article has been indexed from eSecurityPlanet Compliance issues can be tricky, especially when there are so many data privacy laws. Find out how to comply with GDPR, PIPL, and CCPA. The post How to Comply with GDPR, PIPL, and…

Read more →

This article has been indexed from eSecurityPlanet There are few guarantees in the IT industry, but one certainty is that as the world steps into 2022, ransomware will continue to be a primary cyberthreat. The dangers from ransomware have risen…

Read more →

This article has been indexed from eSecurityPlanet Some companies use cloud-based security information and event management (SIEM), and others use SIEM that has been installed in a local data center. These on-premises SIEMs can be run on Windows Servers, Linux…

Read more →

This article has been indexed from eSecurityPlanet Any cloud-based infrastructure needs a robust cloud access security broker (CASB) solution to ensure data and application security and integrity.  With the adoption of cloud-based applications and services growing exponentially, especially as a…

Read more →

This article has been indexed from eSecurityPlanet Nation-state cyber threat groups and ransomware attackers are moving in to exploit a critical flaw found in the seemingly ubiquitous Apache Log4j open-source logging tool, as attacks spread just days after the vulnerability…

Read more →

This article has been indexed from eSecurityPlanet Cybercriminals are quickly ramping up efforts to exploit the critical flaw found in the widely used Log4j open-source logging tool, targeting everything from cryptomining to data theft to botnets that target Linux systems.…

Read more →

This article has been indexed from eSecurityPlanet Cybersecurity vaccines are emerging as a new tool to defend against threats like ransomware and zero-day vulnerabilities. Cybersecurity firms have released “vaccines” in recent days to protect against the widely used STOP ransomware…

Read more →

This article has been indexed from eSecurityPlanet Cybercriminals are quickly ramping up efforts to exploit the critical flaw found in the widely used Log4j open-source logging tool, targeting everything from cryptomining to stealing data to creating botnets that target Linux…

Read more →

This article has been indexed from eSecurityPlanet A critical vulnerability in the open-source logging software Apache Log4j 2 is fueling a chaotic race in the cybersecurity world, with the Apache Software Foundation (ASF) issuing an emergency security update as bad…

Read more →

This article has been indexed from eSecurityPlanet A critical vulnerability in the open-source logging software Apache Log4j 2 is fueling a chaotic race in the cybersecurity world, with the Apache Software Foundation (ASF) issuing an emergency security update as bad…

Read more →

This article has been indexed from eSecurityPlanet We make IT, security, or any business decision by weighing the risks and the rewards. What investments can we make to drive down costs or increase sales? Or as is often the case…

Read more →

This article has been indexed from eSecurityPlanet ​​​​​​​​Fifteen years after the launch of the microblogging social media platform, Twitter remains a dominant public forum for instant communication with individuals and organizations worldwide on a universe of topics, including #cybersecurity. Here…

Read more →

This article has been indexed from eSecurityPlanet AT&T is working to stop a botnet that has infected at least 5,700 network edge servers inside its networks and appears designed to steal sensitive information and launch distributed denial-of-service (DDoS) attacks. Researchers…

Read more →

This article has been indexed from eSecurityPlanet Hacking groups linked to Russia, China and India are leveraging a novel attack technique that makes it easier for them to spread malware, steal data and evade detection, according to a report this…

Read more →

This article has been indexed from eSecurityPlanet A next-generation firewall (NGFW) is an important component of network security and represents the third generation of firewall technology. NGFWs provide capabilities beyond that of a traditional, stateful firewall, including cloud-delivered threat intelligence,…

Read more →

This article has been indexed from eSecurityPlanet Businesses that have spent the past three-plus years adapting to the European Union’s far-reaching data privacy law now have to decide how they will respond to a similar law in China that has…

Read more →

This article has been indexed from eSecurityPlanet IT asset management (ITAM) used to be purely about inventorying what hardware and software assets were scattered about the enterprise. However, the needs of cybersecurity now require that they also offer some kind…

Read more →

This article has been indexed from eSecurityPlanet Cybersecurity training for employees has come a long way in the last few years. Back in the day, security training was largely reserved for IT security specialists and then extended to include IT…

Read more →

This article has been indexed from eSecurityPlanet Cybersecurity training for employees has come a long way in the last few years. Back in the day, security training was largely reserved for IT security specialists and then extended to include IT…

Read more →

This article has been indexed from eSecurityPlanet Privileged accounts are among an organization’s biggest cybersecurity concerns. These accounts give admins control over data, applications, infrastructure and other critical assets that average system users don’t have permission to access or change.…

Read more →

This article has been indexed from eSecurityPlanet MITRE is moving beyond its well-regarded endpoint security evaluations and will soon be testing other security services and products. MITRE recently issued a call for participation for ATT&CK Evaluations for Managed Services, designed…

Read more →

This article has been indexed from eSecurityPlanet IoT security is where endpoint detection and response (EDR) and enterprise mobility management (EMM) meet the challenges of a rapidly expanding edge computing infrastructure. As the enterprise attack surface grows, IoT is yet…

Read more →

This article has been indexed from eSecurityPlanet In a year in which ransomware attacks seem to get worse by the day, companies have made surprising progress defending themselves against attacks. But the attention paid to the malware by journalists, cybersecurity…

Read more →

This article has been indexed from eSecurityPlanet A payload is a piece of code that executes when hackers exploit a vulnerability. In other words, it’s an exploit module. It’s usually composed of a few commands that will run on the…

Read more →

This article has been indexed from eSecurityPlanet Endpoint security software is designed to detect, avert, and eradicate malware on endpoint devices like desktop computers, laptops, network servers, and mobile phones. Endpoint security solutions are available in three forms—personal, small and…

Read more →

This article has been indexed from eSecurityPlanet Email is typically the channel through which ransomware and malware are unleashed upon the enterprise. Phishing scams use it to compromise networks. Executives are conned by fake emails into sending funds to the…

Read more →

This article has been indexed from eSecurityPlanet New cybersecurity buzzwords are always in abundance at the Gartner Security & Risk Management Summit, and the concepts that took center stage this week, like cybersecurity mesh and decentralized identity, seem well suited…

Read more →

This article has been indexed from eSecurityPlanet Bad actors are increasingly using a technique called HTML smuggling to deliver ransomware and other malicious code in email campaigns aimed at financial services firms and other organizations, according to Microsoft researchers. In…

Read more →

This article has been indexed from eSecurityPlanet Hackers got into an email server at the FBI over the weekend to spread fake messages in an attempt to blame a cybersecurity expert for non-existent attacks, apparently in hopes of damaging his…

Read more →

This article has been indexed from eSecurityPlanet Remote work and home offices were an afterthought until the COVID-19 pandemic. They were then vaulted to the forefront of security concerns so quickly that security and IT teams were caught off guard.…

Read more →

This article has been indexed from eSecurityPlanet Distributed denial of service (DDoS) attacks soared in the third quarter, giving organizations yet another cyber threat to worry about. Kaspersky researchers reported that total attacks were up by about a third from…

Read more →

This article has been indexed from eSecurityPlanet For a security technology that’s only a few years old, microsegmentation is catching on quickly. According to a new report from edge security vendor Byos, 88 percent of cybersecurity leaders believe microsegmentation is…

Read more →

This article has been indexed from eSecurityPlanet U.S. law enforcement officials this week announced the indictments of a Ukrainian national and a Russian citizen in connection with ransomware campaigns by the recently shuttered REvil cybercriminal group, including the high-profile attack…

Read more →

This article has been indexed from eSecurityPlanet The McAfee consumer security business, which trades on the NASDAQ under the symbol MCFE, will be going private in a deal valued at more than $14 billion. McAfee had sold its Enterprise business…

Read more →

This article has been indexed from eSecurityPlanet Every organization needs visibility into the potential threats they face daily. Enterprise risk management software can provide risk monitoring, identification, analysis, assessment, and mitigation, all in one solution.  While a number of solutions…

Read more →

This article has been indexed from eSecurityPlanet The United States government is putting a $10 million bounty on the leaders of the DarkSide cybercriminal organization, the ransomware group behind the attack earlier this year on Colonial Pipeline that caused major…

Read more →

This article has been indexed from eSecurityPlanet A fundamental cornerstone of security is layers. We use passwords to authenticate our users, run antivirus to keep malware off our endpoints, monitor our networks, and implement firewalls so we can have multiple…

Read more →

This article has been indexed from eSecurityPlanet It’s been an active week for security vulnerabilities, with MITRE and the U.S. Cybersecurity & Infrastructure Agency (CISA) revealing hundreds of critical vulnerabilities. CISA ordered federal agencies to patch a list of nearly…

Read more →

This article has been indexed from eSecurityPlanet Ransomware groups seem to change form daily. In the latest news, the BlackMatter ransomware group announced it was shutting down – and just hours later came news that its victims were being transferred…

Read more →

This article has been indexed from eSecurityPlanet Researchers have outlined a method that could be used by bad actors to push vulnerabilities into source code that are invisible to human code reviewers. In a paper released this week, two researchers…

Read more →

This article has been indexed from eSecurityPlanet IBM is moving into the endpoint detection and response (EDR) market with the acquisition of ReaQta. IBM is positioning the announcement as part of its move into the XDR market. Extended detection and…

Read more →

This article has been indexed from eSecurityPlanet Cloud security is a delicate balancing act of keeping the freedoms that make migration worthwhile while also keeping a company’s data secure. A recent breach of Twitch, an Amazon-owned company, showed businesses just…

Read more →

This article has been indexed from eSecurityPlanet The European Union is poised to place more demands on manufacturers to design greater security into their wireless and Internet of Things (IoT) devices. In an amendment to the EU’s 2014 Radio Equipment…

Read more →

This article has been indexed from eSecurityPlanet This post has been updated for 2021. Firewalls are as central to IT security as antivirus programs are to PCs, and the multi-billion-dollar market remains large and growing. In the broadest terms, firewalls…

Read more →

This article has been indexed from eSecurityPlanet Cybercriminals leveraging the SolarMarker .NET-based backdoor are using a technique called SEO poisoning to drive malicious payloads into victims’ systems so they can gain access to the credentials and data within. According to…

Read more →

This article has been indexed from eSecurityPlanet Many large enterprises struggle to stay on top of serious cyber threats like ransomware. For a small business, the challenge can seem overwhelming. Between the growing threats and a shortage of cybersecurity talent…

Read more →

This article has been indexed from eSecurityPlanet Buyers looking for an endpoint security solution often compare CrowdStrike and Symantec, and while both vendors made our top endpoint detection and response (EDR) product list, they’re very different security products that will…

Read more →

This article has been indexed from eSecurityPlanet What’s the best antivirus software? With the rise in malware and ransomware and a growing reliance on the internet, antivirus solutions are critical for protecting your data and applications. We here at eSecurity…

Read more →

This article has been indexed from eSecurityPlanet Illumio today announced the launch of Illumio CloudSecure, an agentless solution designed to support zero trust security in public, hybrid, and multi-cloud environments. The new offering can be deployed on its own, or…

Read more →

This article has been indexed from eSecurityPlanet The Russian-based cybercrime group responsible for the high-profile attack on software maker SolarWinds last year is continuing to take aim at the global supply chain, according to a warning issued by Microsoft this…

Read more →

This article has been indexed from eSecurityPlanet As threat actors aim at IT supply chains, enhanced cybersecurity has been the recent driving force for industry adoption of the Software Bill of Materials (SBOM) framework. With a simple list of components…

Read more →

This article has been indexed from eSecurityPlanet The attacks on SolarWinds and Kaseya over the past year put a spotlight on how an attack on a single company can have downstream consequences on the victim’s partners and customers. The attackers…

Read more →

This article has been indexed from eSecurityPlanet The bulk of companies hit by ransomware are deciding that paying the ransom is the best and fastest way to get their businesses back online, despite growing pressure from the federal government and…

Read more →

This article has been indexed from eSecurityPlanet Recent news headlines have shown how vulnerable even large companies with many resources at their disposal are to ransomware. While these attacks may feel inevitable, there are measures that businesses can take to…

Read more →

This article has been indexed from eSecurityPlanet Businesses have far more cloud security options than they once did, making clouds often as safe as, if not safer than, on-premises solutions. Still, cloud security has grown increasingly complicated as application development…

Read more →

This article has been indexed from eSecurityPlanet Over the past quarter of a century, the open source movement has gone from strength to strength. But that success and the openness inherent in the community have led to a major challenge…

Read more →

This article has been indexed from eSecurityPlanet A lawsuit working its way through the courts could have a lot to say about the liabilities facing organizations that have been hit by ransomware attacks – and could have implications for cybersecurity…

Read more →

This article has been indexed from eSecurityPlanet Managing machine identities has never been more critical to an enterprise’s cybersecurity. Machine identities now outnumber humans in enterprises, according to Nathanael Coffing, co-founder and CSO of Cloudentity. Without thorough visibility and proper…

Read more →

This article has been indexed from eSecurityPlanet Windows 11 started rolling out on October 5 for personal devices, but everyone likely won’t have access to the upgrade until the middle of 2022. Regardless of when they get Windows 11, businesses…

Read more →

This article has been indexed from eSecurityPlanet Officials with Microsoft’s Azure public cloud said the company in late August was able to stave off a record distributed denial-of-service (DDoS) attack against a European customer that originated in the Asia-Pacific region.…

Read more →

This article has been indexed from eSecurityPlanet Zero-day vulnerabilities are no longer exclusively for elite hackers. There are now automated scripts available on GitHub so even novice hackers can explore these previously unknown security flaws. That was one of the…

Read more →

This article has been indexed from eSecurityPlanet Sophos cybersecurity researchers have discovered a Python-based ransomware operation that escalated from a compromised corporate network to encrypted virtual machines in just three hours. VMware ESXi datastores rarely have endpoint protection, the researchers…

Read more →

This article has been indexed from eSecurityPlanet Google is giving out 10,000 free security keys to high-risks users, an announcement that came a day after the company warned 14,000 of its high-profile users that they could be targeted by the…

Read more →

This article has been indexed from eSecurityPlanet ESET might not have the name recognition of some other long-time cybersecurity companies, but at around 30 years old, the Slovakia-based company has been around longer than many of its rivals. And like…

Read more →

This article has been indexed from eSecurityPlanet Qualys this week launched a new Ransomware Risk Assessment Service that’s designed to help enterprises understand their potential exposure to ransomware and automate the process of patching any associated vulnerabilities or misconfigurations. The…

Read more →

This article has been indexed from eSecurityPlanet The surge in ransomware attacks in the last year have spurred attempts by government officials to bolster cybersecurity defenses, and those actions advanced on multiple fronts this week. In an op-ed piece published…

Read more →

This article has been indexed from eSecurityPlanet This post has been updated for 2021. The network firewall is the first line of defense for traffic that passes in and out of a network. The firewall examines traffic to ensure it…

Read more →

This article has been indexed from eSecurityPlanet Ransomware attacks are a huge concern these days, especially for corporate networks. Successful assaults can lead to locked up data and systems, as well as stolen and leaked data, bringing chaos to the…

Read more →