Bugs in the data center: How social engineering impacts physical security
One data center management team learned the hard way that bugs can be a menace — or, to be more specific, the people who hunt…
Microchip Adds Real-Time Security to Its Root of Trust Silicon Tech
Security is a multi-step process. There’s a chain of trust, with each link verified and authenticated by the one that comes before. But eventually, the…
Machine Identity Management: A Fast-Growing Frontier of Security
The number of machines enterprise security teams have to manage is exploding. When it comes to computing infrastructure, servers have been supplanted by virtual machines,…
Legitimate Security Tool Used Against Ukrainian Power Grid, Now Top Global Threat
Earlier this year, security researchers reported the use of legitimate security tools in multiple attacks against Ukrainian organizations, including government agencies, non-profits, and tech companies.…
Physical Infrastructure Cybersecurity: A Growing Problem for Data Centers
Modern data center infrastructure management (DCIM) platforms and other new tools put more power in the hands of facility managers. As a result, data centers…
Cloudflare Expands Email Security and WAF, Announces API Security Service
Cloudflare is best known for its content delivery network and DDoS mitigation services, but it has been steadily expanding into other areas of web security…
AWS, Azure Vulnerabilities Would Have Allowed Access To Other Customers’ Accounts
Researchers from Orca Security have found two vulnerabilities in Amazon’s AWS and Microsoft’s Azure clouds that could have allowed users access to other customers’ infrastructure. Both Amazon…
Network Encryption: A Double-edged Sword for Cybersecurity
In 2013, less than half of all web traffic was encrypted, according to Google. Today, the rate of network encryption stands at 95%. On the one hand, that’s…
Enterprises Need To Prepare for Broader Cyberwar
As the fighting in Ukraine escalates and it looks like Russia won’t have the quick and easy victory it anticipated, the war is already having…
Nine Best Practices for Zero Trust
With the escalation of hostilities in Ukraine, increased activity by cybercriminal groups, and an ever-expanding attack surface caused by enterprises migrating to the cloud and…
As Concerns About Ukraine Mount, Gov’ts Issue Ransomware Alert
The first international joint advisory about ransomware was issued last week as concerns mount about a potential Russian invasion of Ukraine. Tensions rose even higher on…
By Looking at the Past, New Cyber Board Can Prepare Us for the Future
The Department of Homeland Security launched the country’s first Cyber Safety Review Board this month, a private-public initiative designed to improve cybersecurity. The CSRB will start…
Latest Cisco VPN Router Vulnerabilities Pose Risks To Small Businesses – And Their Partners
Last week, Cisco disclosed 15 vulnerabilities in Cisco routers, including five with “critical” severity ratings. The vulnerabilities, which affect the Cisco Small Business RV160, RV260, RV340, and…
Denial of Service Attacks Expected To Get Bigger, Nastier
A distributed denial of service (DDoS) attack can take down a company’s infrastructure, communications, applications, or other services. It costs money to recover from such…
Top Three Use Cases for AI in Cybersecurity
Cybersecurity professionals are facing an unprecedented threat environment, with record-high numbers of attacks, shortage of qualified staff, and increasing aggression and sophistication from nation-state actors.…
Space is the final frontier for data centers
Last year marked the first time humanity deployed a conventional data center in space. The HPE Spaceborne Computer-2 – a set of HPE Edgeline Converged…
Log4Shell Vulnerability Highlights Software Supply Chain Issues
Open source software has eaten the world, but last month’s Log4Shell vulnerability chaos highlights the potential dangers when enterprises don’t treat it with the respect it deserves.…
Looking Forward to 2022: What To Expect in Cybersecurity
Winston Churchill said, “Generals are always prepared to fight the last war.” He said this like it was a mistake. But in cybersecurity, we must…
Enterprises See Exponential Growth in log4jshell Attacks
The Apache Log4j library is a Java-based logging tool that is ubiquitous in enterprise applications. The vulnerability known as Log4Shell, first reported on Dec.…
Trust no one: New technology platforms expand the attack surface
Next year, AT&T, Verizon and T-Mobile all plan to shut down their 3G networks, even as 5G rollouts continue around the country and around the…
On-prem-as-a-service comes into its own during pandemic
Many companies accelerated their move to the cloud during the pandemic – including cloud-based computing, and, with SASE, cloud-based networking and security as well. But…
SolarWinds Hackers Step Up Attacks Against IT Services Firms
Late last year, we learned that Russian state actors compromised SolarWinds Orion, a widely used network monitoring tool, and were able to access the systems of…
Post-Pandemic, Data Centers Adapt to “New Normal”
For data center managers, the pandemic has changed everything. And we are not going back, at least, not anytime soon. And when we can go…
Cloud Identity Is “New Normal” Replacement for On-Prem Tools
Today’s data center has very little in common with that of a few years ago. The old model of on-prem servers surrounded by a tough,…
API Attacks, Breaches Piling Up
In August, dozens of organizations using Microsoft Power Apps inadvertently exposed 38 million records — COVID-19 contact tracing, job applicants’ Social Security numbers, and even…
Five Functions That Benefit From Cybersecurity Automation
Data center cybersecurity managers have had it tough this pandemic. During the first half of 2021, bad actors launched 5.4 million DDoS attacks, setting a…
SASE Model Proving Value Beyond Remote Work Scenarios
Gartner only coined the term SASE — secure access service edge — two years ago to describe a cloud-based service that combines SD-WAN networking with…
Paying Hackers’ Ransom Demands Is Getting Harder
If your data center’s ransomware recovery plan is to pay off the hackers with cryptocurrency, it’s time to rethink your strategy as regulators crack down.…
OMIGOD Vulnerability Exposes Virtual Machines Running Inside Azure
Late last month, researchers from cloud security firm Wiz found a new vulnerability that allows Azure users to access cloud databases of other users, breaking…
Zero-Trust Model Gains Luster Following Azure Security Flaw
Cloud use is at an all-time high, despite security worries. Last week’s ChaosDB vulnerability shows that enterprises need to adapt their security strategies and move…