Latest Cybersecurity Articles

Why DevOps pipelines are under attack and how to fight back

Feb 22, 2022

In mid-2017, Russian state-sponsored attackers installed a malicious worm in a Ukrainian financial software package. When businesses updated their software, it became infected. The worm,…

As Concerns About Ukraine Mount, Gov’ts Issue Ransomware Alert

Feb 16, 2022

The first international joint advisory about ransomware was issued last week as concerns mount about a potential Russian invasion of Ukraine. Tensions rose even higher on…

By Looking at the Past, New Cyber Board Can Prepare Us for the Future

Feb 16, 2022

The Department of Homeland Security launched the country’s first Cyber Safety Review Board this month, a private-public initiative designed to improve cybersecurity. The CSRB will start…

Latest Cisco VPN Router Vulnerabilities Pose Risks To Small Businesses – And Their Partners

Feb 9, 2022

Last week, Cisco disclosed 15 vulnerabilities in Cisco routers, including five with “critical” severity ratings. The vulnerabilities, which affect the Cisco Small Business RV160, RV260, RV340, and…

Denial of Service Attacks Expected To Get Bigger, Nastier

Feb 8, 2022

A distributed denial of service (DDoS) attack can take down a company’s infrastructure, communications, applications, or other services. It costs money to recover from such…

Top Three Use Cases for AI in Cybersecurity

Feb 3, 2022

Cybersecurity professionals are facing an unprecedented threat environment, with record-high numbers of attacks, shortage of qualified staff, and increasing aggression and sophistication from nation-state actors.…

Cato adds fine-grained CASB controls to SASE platform

Feb 1, 2022

SASE vendor Cato Networks is adding fine-grained cloud access security broker (CASB) controls to its platforms. When employees working from home or branch locations log…

Top 10 outages of 2021

Jan 31, 2022

The biggest outages of 2021 had one thing in common: they affected major infrastructure or services providers and, as a result, affected large numbers of…

Data residency laws pushing companies toward residency as a service

Jan 26, 2022

Data residency laws require that companies operating in a country keep data about its citizens on servers located in that country. For companies that have…

Log4Shell Vulnerability Highlights Software Supply Chain Issues

Jan 11, 2022

Open source software has eaten the world, but last month’s Log4Shell vulnerability chaos highlights the potential dangers when enterprises don’t treat it with the respect it deserves.…

Looking Forward to 2022: What To Expect in Cybersecurity

Dec 17, 2021

Winston Churchill said, “Generals are always prepared to fight the last war.” He said this like it was a mistake. But in cybersecurity, we must…

Enterprises See Exponential Growth in log4jshell Attacks

Dec 15, 2021

  The Apache Log4j library is a Java-based logging tool that is ubiquitous in enterprise applications. The vulnerability known as Log4Shell, first reported on Dec.…

Trust no one: New technology platforms expand the attack surface

Nov 23, 2021

Next year, AT&T, Verizon and T-Mobile all plan to shut down their 3G networks, even as 5G rollouts continue around the country and around the…

On-prem-as-a-service comes into its own during pandemic

Nov 22, 2021

Many companies accelerated their move to the cloud during the pandemic – including cloud-based computing, and, with SASE, cloud-based networking and security as well. But…

SolarWinds Hackers Step Up Attacks Against IT Services Firms

Nov 5, 2021

Late last year, we learned that Russian state actors compromised SolarWinds Orion, a widely used network monitoring tool, and were able to access the systems of…

Post-Pandemic, Data Centers Adapt to “New Normal”

Oct 27, 2021

For data center managers, the pandemic has changed everything. And we are not going back, at least, not anytime soon. And when we can go…

Cloud Identity Is “New Normal” Replacement for On-Prem Tools

Oct 26, 2021

Today’s data center has very little in common with that of a few years ago. The old model of on-prem servers surrounded by a tough,…

API Attacks, Breaches Piling Up

Oct 14, 2021

In August, dozens of organizations using Microsoft Power Apps inadvertently exposed 38 million records — COVID-19 contact tracing, job applicants’ Social Security numbers, and even…

Five Functions That Benefit From Cybersecurity Automation

Oct 6, 2021

Data center cybersecurity managers have had it tough this pandemic. During the first half of 2021, bad actors launched 5.4 million DDoS attacks, setting a…

SASE Model Proving Value Beyond Remote Work Scenarios

Sep 30, 2021

Gartner only coined the term  SASE  — secure access service edge — two years ago to describe a cloud-based service that combines  SD-WAN networking  with…

Paying Hackers’ Ransom Demands Is Getting Harder

Sep 26, 2021

If your data center’s ransomware recovery plan is to pay off the hackers with cryptocurrency, it’s time to rethink your strategy as regulators crack down.…

OMIGOD Vulnerability Exposes Virtual Machines Running Inside Azure

Sep 22, 2021

Late last month, researchers from cloud security firm Wiz found a  new vulnerability  that allows Azure users to access cloud databases of other users, breaking…

What to expect from SASE certifications

Sep 16, 2021

Secure access service edge (SASE) is a network architecture that rolls SD-WAN and security into a single, centrally managed cloud service that promises simplified WAN…

Zero-Trust Model Gains Luster Following Azure Security Flaw

Sep 3, 2021

Cloud use is at an all-time high, despite security worries. Last week’s  ChaosDB vulnerability  shows that enterprises need to adapt their security strategies and move…

Microsoft Azure Vulnerability ‘Breaks Secure Multitenancy’

Aug 31, 2021

Last week, researchers from cloud security firm Wiz reported a new vulnerability in Microsoft Azure’s managed database service, Cosmos DB, that they called the worst they’ve…

Taking a Close Look at the $2B for Cybersecurity in the $1T US Infrastructure Bill

Aug 27, 2021

The 2,700-page $1 trillion infrastructure bill passed by the US Senate earlier this month still has the House of Representatives to get through. In addition to…

What is a managed service provider? Strategic outsourcing for IT services explained

Aug 12, 2021

Managed service provider defined A managed service provider (MSP) is an outsourcer contracted to remotely manage or deliver IT services such as network, application, infrastructure,…

Ransomware recovery: 8 steps to successfully restore from backup

Aug 12, 2021

According to a  ransomware survey report  released in June by Keeper Security, 49% of companies hit by ransomware paid the ransom–and another 22% declined to…

Why CISA’s China Cyberattack Playbook Is Worthy of Your Attention

Jul 27, 2021

At first glance, last week’s advisory on state-sponsored China cyberattacks by the FBI and the Cybersecurity and Infrastructure Security Agency is nothing new. It outlines…

The Kaseya Ransomware Attack Is a Wakeup Call for MSP-Reliant IT Shops

Jul 13, 2021

Managed service providers, the vendors companies hire to manage their IT infrastructure, have been having a second banner year in a row. The pandemic-driven switch…