This week Netskope hosted our annual executive briefing with the US Embassy in London, converted, in common with many events this year, into an online webinar. We wanted to take the opportunity to consider what impact this year’s unprecedented changes and uncertainty were having on the cybersecurity landscape.
In June, one research study found that the pandemic caused just over 40% of the entire US workforce to work from home full-time. Many businesses made the quick decision to allow employees to work remotely, scrambling to provide IT resources and remote-work tools on the fly. Now, many enterprises are doubling down and allowing employees to work from home for the foreseeable future.
As cybersecurity threats evolve, companies must adapt and rethink their security strategies. This means moving away from traditional technologies and towards new cybersecurity frameworks. One such framework is the NIST cybersecurity framework, which comprises five major functions: These five functions are the pillars of a well-rounded and effective cybersecurity strategy that is designed to improve a company’s capacity to counteract threats.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. With money in some form being the objective of most attacks, it comes as a bit of a shock and much (cynical) suspicion when a recent ransomware group donated some of their haul to charity….
This is a clash of virtualization titans: one virtual machine, the other a containerization technology. In reality, both are complementary technologies—as hardware virtualization and containerization each have their distinct qualities and can be used in tandem for combinatorial benefits. Let’s take a look at each to find out how they stack up against each other, as well as how the two can be used in tandem for achieving maximum agility.
In our previous blog we covered the first 10 of the NSA vulnerabilities currently targeted by Chinese hackers, here the remaining ones, again demonstrating the predictive power of our risk based vulnerability management tool Farsight
The limitations of traditional lending solution creates a room for innovation via Fintech. Fintech is able to address the challenges that conventional lending providers face by utilising a combination of different business models, technology, and innovative approaches. Indonesia’s fintech market looks like an open bottle of honey to me. The fintech market has grown by 16.3% with total investment in fintech companies reaching $176.75 million in 2019.
With Gartner releasing its latest Magic Quadrant for WAN Edge Infrastructure earlier this month, it seemed an appropriate time to explore the intersection of SD-WAN and SASE. Both of these technological approaches hold great promise and are large, billion-dollar markets, sharing the common goal of connecting users to the data and applications critical to doing their job. The two technologies demonstrate the increasing overlap and tightening linkage between networking and security investments.
Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers. The flaw, discovered by vulnerability researcher Slavco Mihajloski, opened up opportunities for cybercriminals to completely compromise WordPress sites. The flaw can be exploited if a user attempts to log into a Loginizer-protected website with a carefully-crafted username.
The latest exploit in the series of issues with cloud infrastructure software is called “ContainerDrip” (CVE-2020-15157)and in some cases it can cause you to leak your registry secrets to an attacker. The attack is actually a kind of secret or password leak using request forgery. Your client unintentionally makes an HTTP API request to the attacker’s endpoint where this request contains the container image registry secret.
