“If you want to go quickly, go alone, but if you want to go far, go together.”
This African proverb opens the Sophos 2021 Threat Report, and in view of recent cybersecurity events, its meaning is very important when it comes to defending against ransomware attacks. As threat actors work together to provide ransomware-as-a-service, defender
The rise of the cloud didn’t free us from concerns over who stores our data. Where matters, and major cloud providers and big data monopolies host a huge percentage of the world’s data. Thousands of organizations that store and manage personal, business and government data use big-name cloud providers. Smartphone platform companies house an
It’s just part of the job: at some point in a device’s lifecycle, data must be destroyed. While deleting files may mean users and apps can’t access them, simple deletion isn’t enough to truly destroy the data. To be most effective, secure data destruction has to be complete. This is especially true when your organization needs to sta
After a year of lockdown, or nearly full lockdown, due to the ongoing health crisis, we learned a lot from how our organizations responded when we all had to change our work habits to a home-office setup. Many companies that had only a casual relationship with Virtual Private Network (VPN) technology had to quickly reach expert-level proficiency in how to co
Google’s problems with in-the-wild Chrome browser zero-days appear to be multiplying by the month.The latest confirmation of this appears today with a new Chrome point-update to patch a pair of security vulnerabilities affecting Windows, MacOS and Linux users. Google said it was aware of reports that both of these vulnerabilities - CVE-2021-21206 and CVE-202
Just weeks after a wave of major in-the-wild zero-day attacks against Exchange Server installations globally, Microsoft is raising a fresh alarm for four new critical security flaws that expose businesses to remote code execution attacks.The four new Exchange Server vulnerabilities were fixed as part of this month’s Patch Tuesday bundle and because of the se
“It has gotten to the point, unfortunately, where they are so frequent and common these days, that it’s like, here we go again,” Christopher Sitter says when I asked him about the prospect of a third-party data breach.
Sitter is the senior director of information security at Juniper Networks. He manages all things incident response-re
Ten variants of the Joker Android Trojan managed to slip into the Huawei AppGallery app store and were downloaded by more than 538,000 users, according to new data from Russian anti-malware vendor Doctor Web.Also known as Bread, the Joker Trojan was first observed in 2017 when it was originally focused on SMS fraud. Last year, the malware was observed perfor
I’m both excited and concerned to write about data security as one of the hot trends to monitor in 2021. Data security is a tough topic to summarize and I’d argue it may be the most misunderstood category in security right now. We’re a raw industry that has been shaken up multiple times for years. We’ve gotten micro-services, Agile software development, publ
Vulnerability management is largely about patch management: finding, triaging and patching the most critical vulnerabilities in your environment. Each aspect of this process presents its own problems. In 2020, more than 17,000 vulnerabilities were reported to NIST, and more than 4,000 of these were high priority. Knowing which of these affect you, where
Is it Real or not? How to Spot phishing Emails April 12th, 2021 No Comments anti-phishing, Data Privacy, Data Protection, Online Privacy, Online Safety, PC security, Phishing Protection It has become virtually impossible to distinguish nowadays betw
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has released a new tool to help with the detection of potential compromise within Microsoft Azure and Microsoft 365 environments.Dubbed Aviary, the new tool is a dashboard that makes it easy to visualize and analyze output from Sparrow, the compromise detection
Greater exposure is both good news and bad news when it comes to new ransomware threats. While ransomware attacks themselves are never good news, it is a positive sign that these attacks are receiving more media attention, such as the attack on an entire hospital chain, an attack on a Las Vegas school district and even an attack on a coffee machine.&nb
Vulnerability management may not be the sexiest topic. But, while buzzier topics are certainly important, vulnerability management may just be the key to an effective data security strategy. According to a Ponemon Institute report, 42% of nearly 2,000 surveyed IT and security workers indicated that they had suffered a data breach in the last two years that
There is a lot of talk about ‘modern’ data security. Organizations want a data security strategy that aligns with a digitally transformative vision. Tech can sometimes drown in buzzwords. What do modernization and vision actually refer to? And what do modern data security solutions really require?
Both terms refer to end-to-end data s