Malicious hackers have been exploiting thousands of legitimate websites since at least December 2017 in a sophisticated campaign that has disguised malware as fake software updates. Security researchers at MalwareBytes report that they have uncovered evidence of thousands of compromised websites running popular content management systems (CMS) such as SquareSpace, WordPress and Joomla.

May 25th 2018 is coming fast. Do you have the audit detail necessary to meet General Data Protection Regulation compliance objectives?

Security incidents are increasing with each passing day. Some of the recent incidents have impacted globally and resulted in catastrophic damages to organizations. The interlinked and complex information technology infrastructure, on which the whole world relies, provides ample space and opportunities for incidents to escalate into disaster.

Security incidents are increasing with each passing day. Some of the recent incidents have impacted globally and resulted in catastrophic damages to organizations. The interlinked and complex information technology infrastructure, on which the whole world relies, provides ample space and opportunities for incidents to escalate into disaster. An effective and planned response to incidents can become the reason for company’s existence after an incident occurs.

IT security breaches have become a norm of the day at innumerable organizations around the world. Most of the attacks indicate that the enterprises should highly focus on their mitigation capabilities, incident detection, and investigation processes. Preventing highly sophisticated cyber attacks is a daunting task unless companies have the capability to detect and then respond quickly.

In 2017, ransomware attacks clearly dominated the cybersecurity landscape. WannaCry, Petya, Not Petya, Adylkuzz, Bad Rabbit, Cerber, etc. are just a few names that did the rounds in the last year. Lucrative payments is one of the most prominent reasons which has lured in many attackers to launch multiple ransomware campaigns in the last couple of decades. Though we are yet to see a major ransomware attack this year, activities of cyberspace are unpredictable.

Recently the Economist published two articles that discussed the increasing use of AI and employee monitoring in the workplace. Veriato is pleased that we were referenced in both of these articles. We feel they did a good job of presenting a balanced view of the benefits both AI and employee monitoring offer, as well as the potential downsides if they are not implemented and used wisely.

The amount of private content being collected, shared, and stored is growing at an alarming rate. It’s no surprise that the means to classify, share and control what matters is fast-becoming business’ biggest challenge. The traditional method of stacking file servers doesn’t scale or support the collaboration necessary to stay competitive.

The war between security experts charged with the responsibility of protecting information and cyber-criminals who threaten to compromise the integrity of data for different entities has become a cat and mouse game. For instance, as soon as white hats counter one form of malicious behavior using encryption tools, there is the almost immediate development of yet another malevolent form of threat for information systems.

Today, I will be going over Control 18 from version 7 of the top 20 CIS Controls – Application Software Security. I will go through the eleven requirements and offer my thoughts on what I’ve found.