This post outlines why endpoint telemetry is now fundamental to reducing the time taken to identify and remediate security incidents.

Preparation is as essential in cyber security as it is in any other walk of life. To effectively defend against the latest threats, a proactive approach is required, whereby security controls and processes are regularly assessed to ensure they are fit for purpose.

Zerologon (CVE-2020-1472) is a critical vulnerability in the Windows Server Netlogon process authentication process. Following our recent Security Advisory, immediate patching of the vulnerability is strongly advised. To help determine whether your organisation has been compromised as a result of an attacker exploiting the vulnerability (even prior to a patch being installed), Redscan Labs has developed a Zerologon detection tool.

Cloud security is the implementation of security controls to protect confidential information stored in cloud environments and reduce the risk of data breaches. Effective cloud security involves regularly assessing and hardening defences, ensuring broad threat visibility and rapidly responding to threats.

A critical CVSS:10 vulnerability (CVE-2020-1472) in the Microsoft Netlogon process was patched in the August patch cycle, but details were not made public until earlier this week (14th September).

During the COVID-19 pandemic, more UK employees have worked from home than ever before. According to a YouGov survey, around one in five people went from never working from home to doing so constantly. Coronavirus and the resulting lockdown have significantly increased cyber security risks for organisations, with many lacking sufficient controls to protect workers outside the workplace. This has been compounded by threat actors seeking to exploit the crisis.

We asked our Head of Threat Intelligence, George Glass, to share his expert view on the threats that security teams need to be aware of and to tell us what it is he loves about working in the industry.

Some organisations fully outsource their cyber security requirements to MSSPs, while others only outsource specific aspects. MSSPs differ from MSPs (Managed Service Providers) in that they specialise in cyber security. By contrast, MSPs are more focused on the remote management of IT infrastructure. Many MSPs do offer security services but, owing to the highly specialised nature of cyber security, some chose to partner with MSSPs.

We have been shortlisted for: The Cyber Security Awards were established in 2014 to reward the best individuals, teams and companies within the cyber security industry. Excellence and innovation are core themes throughout all categories. The winners this year will be announced in a virtual ceremony held on September 10th at 5 pm BST. Organiser, Christina Price, said “Despite the challenges of 2020, we have received a record number of entries.

In March 2020, Redscan sent Freedom of Information (FOI) requests to 134 universities across the UK. The aim was to understand more about the frequency of data breaches in the sector and some of the steps institutions are taking to prevent them. The focus on universities was due to the integral role these organisations play in conducting world-changing research and shaping the skills and knowledge of the workforce. The results of the FOI request are available to download in a short report.