Latest Cybersecurity Articles

Enterprises See Exponential Growth in log4jshell Attacks

Enterprises See Exponential Growth in log4jshell Attacks

  The Apache Log4j library is a Java-based logging tool that is ubiquitous in enterprise applications. The vulnerability known as Log4Shell, first reported on Dec.…

Trust no one: New technology platforms expand the attack surface

Trust no one: New technology platforms expand the attack surface

Next year, AT&T, Verizon and T-Mobile all plan to shut down their 3G networks, even as 5G rollouts continue around the country and around the…

On-prem-as-a-service comes into its own during pandemic

On-prem-as-a-service comes into its own during pandemic

Many companies accelerated their move to the cloud during the pandemic – including cloud-based computing, and, with SASE, cloud-based networking and security as well. But…

SolarWinds Hackers Step Up Attacks Against IT Services Firms

SolarWinds Hackers Step Up Attacks Against IT Services Firms

Late last year, we learned that Russian state actors compromised SolarWinds Orion, a widely used network monitoring tool, and were able to access the systems of…

Post-Pandemic, Data Centers Adapt to “New Normal”

Post-Pandemic, Data Centers Adapt to “New Normal”

For data center managers, the pandemic has changed everything. And we are not going back, at least, not anytime soon. And when we can go…

Cloud Identity Is “New Normal” Replacement for On-Prem Tools

Cloud Identity Is “New Normal” Replacement for On-Prem Tools

Today’s data center has very little in common with that of a few years ago. The old model of on-prem servers surrounded by a tough,…

API Attacks, Breaches Piling Up

API Attacks, Breaches Piling Up

In August, dozens of organizations using Microsoft Power Apps inadvertently exposed 38 million records — COVID-19 contact tracing, job applicants’ Social Security numbers, and even…

Five Functions That Benefit From Cybersecurity Automation

Five Functions That Benefit From Cybersecurity Automation

Data center cybersecurity managers have had it tough this pandemic. During the first half of 2021, bad actors launched 5.4 million DDoS attacks, setting a…

SASE Model Proving Value Beyond Remote Work Scenarios

SASE Model Proving Value Beyond Remote Work Scenarios

Gartner only coined the term  SASE  — secure access service edge — two years ago to describe a cloud-based service that combines  SD-WAN networking  with…

Paying Hackers’ Ransom Demands Is Getting Harder

Paying Hackers’ Ransom Demands Is Getting Harder

If your data center’s ransomware recovery plan is to pay off the hackers with cryptocurrency, it’s time to rethink your strategy as regulators crack down.…

OMIGOD Vulnerability Exposes Virtual Machines Running Inside Azure

OMIGOD Vulnerability Exposes Virtual Machines Running Inside Azure

Late last month, researchers from cloud security firm Wiz found a  new vulnerability  that allows Azure users to access cloud databases of other users, breaking…

What to expect from SASE certifications

What to expect from SASE certifications

Secure access service edge (SASE) is a network architecture that rolls SD-WAN and security into a single, centrally managed cloud service that promises simplified WAN…

Zero-Trust Model Gains Luster Following Azure Security Flaw

Zero-Trust Model Gains Luster Following Azure Security Flaw

Cloud use is at an all-time high, despite security worries. Last week’s  ChaosDB vulnerability  shows that enterprises need to adapt their security strategies and move…

Microsoft Azure Vulnerability ‘Breaks Secure Multitenancy’

Microsoft Azure Vulnerability ‘Breaks Secure Multitenancy’

Last week, researchers from cloud security firm Wiz reported a new vulnerability in Microsoft Azure’s managed database service, Cosmos DB, that they called the worst they’ve…

Taking a Close Look at the $2B for Cybersecurity in the $1T US Infrastructure Bill

Taking a Close Look at the $2B for Cybersecurity in the $1T US Infrastructure Bill

The 2,700-page $1 trillion infrastructure bill passed by the US Senate earlier this month still has the House of Representatives to get through. In addition to…

What is a managed service provider? Strategic outsourcing for IT services explained

What is a managed service provider? Strategic outsourcing for IT services explained

Managed service provider defined A managed service provider (MSP) is an outsourcer contracted to remotely manage or deliver IT services such as network, application, infrastructure,…

Ransomware recovery: 8 steps to successfully restore from backup

Ransomware recovery: 8 steps to successfully restore from backup

According to a  ransomware survey report  released in June by Keeper Security, 49% of companies hit by ransomware paid the ransom–and another 22% declined to…

Why CISA’s China Cyberattack Playbook Is Worthy of Your Attention

Why CISA’s China Cyberattack Playbook Is Worthy of Your Attention

At first glance, last week’s advisory on state-sponsored China cyberattacks by the FBI and the Cybersecurity and Infrastructure Security Agency is nothing new. It outlines…

The Kaseya Ransomware Attack Is a Wakeup Call for MSP-Reliant IT Shops

The Kaseya Ransomware Attack Is a Wakeup Call for MSP-Reliant IT Shops

Managed service providers, the vendors companies hire to manage their IT infrastructure, have been having a second banner year in a row. The pandemic-driven switch…

Security Problems Worsen as Enterprises Build Hybrid and Multicloud Systems

Security Problems Worsen as Enterprises Build Hybrid and Multicloud Systems

Hybrid and multi-cloud architectures are all the rage in enterprise IT infrastructure. But enabling the flexibility to deploy the right tool for each task requires…

Botnet attacks on APIs: Why most companies are unprepared

Botnet attacks on APIs: Why most companies are unprepared

As companies move applications to the cloud and expose functionality via application programming interfaces (APIs), criminals have been moving quickly to take advantage of this…

Pressure Grows for Federal Data Breach Legislation

Pressure Grows for Federal Data Breach Legislation

Cybersecurity is a major priority for U.S. President Joe Biden. It was at the top of the agenda at last week’s summit with Russian President…

Russian Cybercrime: Is Extradition Ahead?

Russian Cybercrime: Is Extradition Ahead?

The international community is putting increased pressure on Russia to stop protecting its cybercriminals. But while Russian President Vladimir Putin has made some positive statements,…

Is the US Government Doing Enough About Ransomware?

Is the US Government Doing Enough About Ransomware?

FBI’s seizure of $2.3 million worth of bitcoin Colonial Pipeline paid a ransomware gang to unlock its data was just the latest in a series…

How API attacks work, and how to identify and prevent them

How API attacks work, and how to identify and prevent them

In early May, fitness company Peloton announced that it had exposed customer account data on the internet. Anyone could access users’ account data from Peloton’s…

Report: Cloud Security Breaches Surpass On-Prem Ones for the First Time

Report: Cloud Security Breaches Surpass On-Prem Ones for the First Time

Most cybersecurity incidents now involve cloud infrastructure, according to the latest Verizon Data Breach Investigations Report (DBIR). The annual report is the most researched of…

Pandemic, AWS Bombing Plot Heighten Data Center Physical Security Concerns

Pandemic, AWS Bombing Plot Heighten Data Center Physical Security Concerns

This relatively chaotic period has made data center operators increasingly worried about their facilities’ physical security. This had been true even before FBI announced the…

Confidential Computing: Arm Builds Secure Enclaves for the Data Center

Confidential Computing: Arm Builds Secure Enclaves for the Data Center

Arm chips for mobile and IoT devices have supported secure enclaves — a concept known as confidential computing — for years. It’s called the Arm…

Security Tech Based on Each Chip’s Unique ‘Fingerprint’ Comes to Data Centers

Security Tech Based on Each Chip’s Unique ‘Fingerprint’ Comes to Data Centers

The composable data center platform Fungible unveiled earlier this year has a number of new approaches to computing infrastructure. Its users can scale compute, storage,…

Tips and tactics of today’s cybersecurity threat hunters

Tips and tactics of today’s cybersecurity threat hunters

Threat hunting isn’t just for the biggest organizations anymore. As the SolarWinds attack demonstrated, any size company can be vulnerable to stealthy attackers who worm…