Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Did you know that nearly 560,000 new instances of malware are detected every day? As cybersecurity advances, threat actors develop malware with new tricks that exploit weaknesses in an IT environment. Once the malware finds a loophole, it spreads exponentially like a disease, corrupting files, exfiltrating data, redirecting traffic to other destinations, and performing other malicious activities. Malware can spread at a jaw-dropping rate.

iOS has always been considered a safe haven when it comes to mobile application security. Every year this operating system tries to come up with more and more efficient updates to make life easy for its users and the respective application and security service providers. However, for tech-savvy users, these timely improvements may not sound enough and there are always people who consider that there is room for more improvement. And hence comes the term ‘Jailbreaking’.

Many different types of IT security risks can affect a business. It is essential to know about the implications, how cyber risks can be identified and what you need to protect against them. In this connected world, cyber attacks are a common occurrence. As long as the internet exists, there will be information security risks and malicious attacks that come with it. Ranging from minor nuisances to devastating consequences, hackers never seem to stop attacking your data!

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Quite a bumper crop this week! First up is evidence that the swiped gun holder data from a week or so ago has now surfaced for use. Troubling time ahead for a number of people.

We all witnessed how merciless 2020 was for a wide range of organizations. Even the mightiest, most prestigious companies and enterprises are not exempt from the deadly grasp of sophisticated cyber attacks. What this means for security professionals is that they should take a proactive, rather than a reactive stance. But how do you anticipate the unknown? Many security professionals would wonder.

In the past year, IT services have gone through a world of change. There are more remote workers, hybrid work models, cloud services, and mobile devices. It is finally safe to say that the classic perimeter no longer exists. In fact, you might go one step further and say that identity is the new perimeter. The ability for end-users to access any applications from any device from anywhere has put securing identities and their access privileges near the top of any Zero Trust security strategy.

Vendor tiering is a method of classifying vendors based on the level of security risk they introduce to an organization. The level of security criticality decreases with each subsequent level. The number of tiering levels depends on personal preference. The basic vendor tiering structure consists of three levels - Tier 1, Tier 2, Tier 3, where Tier 1 represents high-risk vendors. Each vendor could be assigned to a tier manually, or the process could be based on a security questionnaire scoring system.

A botnet is a network of malware-infected devices used to launch coordinated attacks either against a single target, like during a DDoS attack, or multiple targets like during email phishing attacks. All infected machines in a botnet are remotely controlled by a single cyber attacker that could be located anywhere in the world.