If you don’t know the state of your network, you’re like a blind pilot, inevitably headed for disaster. Fortunately, the market now offers many good software solutions, both commercial and open source, for network monitoring.

The scale of the challenge facing the healthcare sector, even before COVID-19, was significant. In 2020, it became even more pressing with constant reports of critical infrastructure being targeted by cybercriminals. To understand the unique challenges within the NHS, we submitted a Freedom of Information (FOI) request to every trust in the UK.* The results, when compared with those in relation to a previous request in 2018, suggest improvements in cyber security across the NHS. Key Findings.

At the time it was first introduced, a penetration test accurately represented how an attacker was likely to target a network. Today, that is no longer the case. As digital networks and business processes have evolved, so too have their security needs.

Attaining a strong cyber security posture is a multi-layered process and includes various essential components. Among those, insider threat detection holds unignorable importance. Therefore, it is crucial to obtain a deeper understanding of what insider threat detection is. Basically, an insider threat is a security risk that’s originated within the boundaries of the organization itself. Unlike outside attacks, insider threats are mainly caused by employees.

There are few books in history that are still considered to be as valuable today as when they were written and “The Art of War” is one of them. Written in 5th Century BC, it is still considered today to be essential reading in many fields, including business. It has been quoted in a ton of movies, books and media more times than you can probably count.

In April 2020, MalwareHunterTeam found a number of suspicious files in an open directory and posted about them in a series of tweets. Trend Micro later confirmed that these files were part of the first cryptojacking malware by TeamTNT, a cybercrime group that specializes in attacking the cloud—typically using a malicious Docker image—and has proven itself to be both resourceful and creative.

The biggest fundamental shift in the era of digital transformation is that data is no longer on a CPU that the enterprise owns. Security teams focused on cloud must invest in the right technology to achieve more complete data protection, and we all need to ensure Zero Trust principles are applied everywhere data needs protection. At Netskope, we describe this as Zero Trust Data Protection. In its simplest form, Zero Trust means: Don’t trust the things you do not need to trust.

Hey there, We recently ran a series of webinars* on how different-sized cybersecurity teams modernized their security operations and embedded polling questions within the webinars to gather some feedback. A set of possible answers was selected based on the ENISA NIS Investments report. In this blog post I’d like to share the results of the polls and the conclusions we can draw from them.

In January and February of 2021, the threat actor called Hafnium used a number of post-exploitation tools after gaining access to Exchange servers through a zero-day exploit. One of their persistence methods was creating new user accounts in the domain, giving them the ability to log back into the network using normal authentication rather than use a web shell or continue to re-exploit the vulnerability (which has since been patched).