Hackers tried two methods of exploiting a zero-day vulnerability in Sophos' XG firewall, but Sophos says it made a temporary fix that mitigated the risks. Attackers originally attempted to plant a Trojan, but then switched to ransomware.
Internet usage around the world is shifting as a result of COVID-19. We are seeing an increase of 10-30% traffic across the board. As companies face a sudden surge in traffic, it is important that they ensure the availability of critical systems that serve their customers and employees.
Join Anand Guruprasad,...
A recently discovered cyber-espionage toolkit called Ramsay is designed to infiltrate air-gapped networks to steal documents, take screenshots and compromise other devices, according to the security firm ESET.
Security experts and law enforcement officials have long argued that paying ransoms doesn't pay. For starters, it directly funds the cybercrime ecosystem and makes it attractive for criminals to keep launching ransomware attacks.
Cloud computing has transformed how we consume and deploy IT solutions. Compute power is rapidly evolving to a utility model,
with shared infrastructure at its core. This shared infrastructure underpinning the cloud revolution has also driven a fundamental
shift in how we design and deploy technology within the data...
Done right, a zero trust architecture can reduce the complexity of one's environment while also improving cybersecurity protection and efficiency. Bob Reny of ForeScout focuses on three critical considerations: visibility, compliance and control.
The latest edition of the ISMG Security Report analyzes the privacy issues raised by COVID-19 contact-tracing apps. Also featured: An update on efforts to fight fraud tied to economic stimulus payments; John Kindervag on the origins of "zero trust."
Companies are often reluctant to begin their Zero Trust journey because they believe it is difficult, costly, and disruptive but building Zero Trust networks is actually much simpler than building legacy 20th-century hierarchical networks. There is a five-step methodology that, when followed, supports the ease of...
CISA issued a warning to organizations running Pulse Secure VPN servers that their networks may still be vulnerable to hacking even if they applied patches for a previous flaw. Attackers are now using stolen Active Directory credentials to access networks.
While CIOs are leading digital transformation projects designed to meet the needs of businesses, CISOs are seeking tighter controls because these projects open up new risks and increase the attack surface, says Zscaler's Sudip Banerjee, who offers a way to strike a balance.
Ten years since he coined the term "zero trust," John Kindervag, field CTO of Palo Alto Networks, sees CISOs increasingly being faced with the challenge of having to implement the "never trust, always verify" model across increasingly complex IT environments, including cloud and IoT.
Vulnerability management is about more than scan-and-patch. Scanners fall short in their ability to consider existing solutions - and past investments in - security controls, and fail to identify the riskiest vulnerabilities and best actions.
Download the e-book to get the details on Skybox's unique approach to...
You can't protect what you can't see. But that's the challenge facing many security programs today - limited visibility of the attack surface, decentralized management of a heterogeneous environment, and plenty of data but little context.
That's why Skybox has packed a powerhouse of solutions into our product suite...
Most security breaches today are not the result of zero-day attacks, but exploitation of security issues such as misconfigured firewalls and ineffective vulnerability management strategies.
Download the e-book to learn how Skybox uses intelligent automation to simplify and improve the management of security policy,...