(IN)SECURE Magazine Notifications RSS

Microsoft has confirmed that it, too, is among the companies who have downloaded the compromised SolarWinds Orion updates, but that they have isolated and removed them. “We have not found evidence of access to production services or customer data. Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others,” the company stated on Thursday. Additional victims identified Along with the above statement, Brad Smith, Microsoft President and … More →

The post Microsoft was also a victim of the SolarWinds supply chain hack appeared first on Help Net Security.

Virtualization has brought a dramatic level of growth and advancement to technology and business over the years. It transforms physical infrastructure into dedicated, partitioned virtual machines (VM) that deliver critical cloud applications and services to multiple customer organizations using the same hardware. While one server would previously be tasked with one OS install, today’s servers can host multiple instances of Windows or Linux running concurrently to increase system utilization. Client virtualization is the next step … More →

The post 5 reasons IT should consider client virtualization appeared first on Help Net Security.

With chaos and uncertainty reigning, 2020 created near-perfect conditions for cybercriminals. The COVID-19 pandemic transformed the way we live and triggered a mass migration to digital channels as companies virtually replaced in-person interactions for employees and consumers alike. Nearly ten months in, the pandemic rages on, and cybersecurity threats are accelerating. While vaccine distribution is on the horizon, the pandemic’s economic and social fallout will take time to mend. Bad actors see opportunity during turbulent … More →

The post 2020 broke cybersecurity records, here’s what’s to come in the new year appeared first on Help Net Security.

Passwords are a source of many security risks, with recent LastPass research revealing IT teams are spending five hours a week on average dealing with password-related issues. A passwordless login experience, on the other hand, provides employees with a user-friendly and secure way of accessing their accounts and devices – no matter where they are. This eliminates many password-related risks, such as password reuse or failing to change default credentials, which means improved security and … More →

The post Imagining a professional life without passwords appeared first on Help Net Security.

There was a significant acceleration of cloud and colocation migrations, with 54 percent of IT leaders stating the pandemic has motivated their organization to move applications and workloads off-premise, according to an INAP survey. Additionally, IT leaders shared that their primary challenges for the upcoming year primarily center around adapting infrastructure and networking strategies for remote work or returns to the office. Despite pressure, IT pros reported some positive impacts Despite heightened pressure, IT pros … More →

The post Expedited shifts to hybrid infrastructure and remote work challenges appeared first on Help Net Security.

The cloud ITSM market size is expected to grow from $4.7 billion in 2020 to $12.2 billion by 2025, at a CAGR of 21.2% during the forecast period, according to MarketsandMarkets. The flexibility and agility of cloud-based models would support the IT service needs of enterprises. The leading CSPs/hyperscalers—Microsoft, IBM, and AWS—are expected to increase their CapEx primarily for data center expansion to support the increasing workload for their internal and external stakeholders. The increasing … More →

The post Cloud ITSM market size to grow to $12.2 billion by 2025 appeared first on Help Net Security.

Anomali has added new features and capabilities across its product suite that further automate and speed essential tasks performed by threat intelligence and security operations analysts. Customers deploying this latest version will improve overall detection and response, conduct more collaborative and faster threat investigations, and experience greater efficiency. To provide capabilities that work in real-world investigation scenarios, Anomali Threat Research analysts applied their expertise to aid in the design and development of pre-customized, themed threat … More →

The post Anomali automates and speeds essential tasks performed by threat intelligence appeared first on Help Net Security.

Offensive Security announced a new bounty program for user generated content. Members of the infosecurity community can now receive cash bounties for submitting vulnerable virtual machines to Offensive Security (OffSec) that are eligible to be incorporated into the Proving Grounds training labs. OffSec is the only security training provider to offer bounty payments for content submissions, providing tangible rewards to the infosec community and expanding the content available in OffSec’s training labs. “No matter how … More →

The post Offensive Security announces bounty program for user generated content appeared first on Help Net Security.

Sectigo has released multiple advancements to the company’s award-winning IoT Security & Identity Management Platform, making integration and management of secured connected devices even easier for OEMs and enterprises. The innovations include a PKI Client software development kit (SDK) for Sectigo IoT Manager and Secure Boot SDK, which eases development efforts and reduces time to market for manufacturers across industries. Sectigo’s all-in-one IoT security platform simplifies securing and authenticating connected devices, so that enterprises can … More →

The post Sectigo helps OEMs and enterprises secure their connected devices and products appeared first on Help Net Security.

IBM Security launched a new service that allows companies to experiment with fully homomorphic encryption (FHE) – an emerging technology designed to allow data to remain encrypted even while being processed or analyzed in cloud or third-party environments. The new IBM Security Homomorphic Encryption Services provide companies with education, expert support, and a testing environment for clients to develop prototype applications that can take advantage of FHE. With the growth of hybrid cloud, sensitive data … More →

The post IBM Security allows companies to experiment with fully homomorphic encryption appeared first on Help Net Security.

For those working remotely during the pandemic, changes to how work is done have significantly increased stress levels – and when we’re stressed, we’re more likely to make mistakes that result in sensitive data being inadvertently put at risk. Our 2020 Outbound Email Security Report revealed that stressed and tired employees are behind 37% of the most serious data leaks – caused by all-too-common culprits, including adding an incorrect recipient to an email, attaching the … More →

The post Stress levels are rising, but that doesn’t have to mean more security incidents appeared first on Help Net Security.

As many companies continue to grapple with a remote workforce, overall employee security measures become more critical, especially as many are relying on personal devices and networks for work. Manage company security The online survey, conducted by The Harris Poll on behalf of Dashlane among over 1,200 employed U.S. Americans, sheds light on how employees view and manage company security, and reveals they aren’t necessarily taking the security of their work accounts as seriously as … More →

The post How employees view and manage company security appeared first on Help Net Security.

37 percent of IT professionals rated rapid changes in their AD/AAD environment as the key impact of COVID-19 on their organization’s identity management team, a One Identity survey revealed. Given the unique challenges of the sudden shift to remote work amidst COVID-19, businesses should look toward integrating AD/AAD with a strong privileged access management (PAM) solution in order to harness the full value of AD and AAD, dramatically increasing the security of their IT environments. … More →

The post Migration delays prevent AD-centric zero trust security framework adoption appeared first on Help Net Security.

68% of SMB and mid-market business executives believe working with a managed service provider (MSP) helps them stay ahead of their competition, according to Infrascale. MSP adoption The research also suggests that the top reason that businesses opt to work with MSPs, chosen by 51% of respondents, is to save costs. The second most common reason survey respondents said they use an MSP is for increased security (46%). 96% of the respondents said that it … More →

The post Cost savings and security are key drivers of MSP adoption appeared first on Help Net Security.

Rice University researchers have discovered a more efficient way for social media companies to keep misinformation from spreading online using probabilistic filters trained with artificial intelligence. Combating misinformation on social media The new approach to scanning social media is outlined in a study presented by Rice computer scientist Anshumali Shrivastava and statistics graduate student Zhenwei Dai. Their method applies machine learning in a smarter way to improve the performance of Bloom filters, a widely used … More →

The post A new approach to scanning social media helps combat misinformation appeared first on Help Net Security.

CodeZero has launched the ZERO BrandCard, a digital identity card of the future, backed by LISNR to enable a secure and contactless digital identity exchange. Strategically tailored for the “new normal”, CodeZero’s future identity card pushes the envelope to what a business card can be. In one easy to access portal, a company can upload, design and digitize their corporate profile, brochures, and even an entire sales kit, saving time, cost, and the environment. An … More →

The post CodeZero ZERO BrandCard: Enabling a secure and contactless digital identity exchange appeared first on Help Net Security.

Okera announced the next evolution of the Okera Dynamic Access Platform (ODAP) and the introduction of the industry’s first “co-located” deployment mode for the Okera Adaptive Security Plane (OASP). This trailblazing innovation ensures consistency of policy enforcement at nScale (infinite scale). With Okera’s nScale, organizations can deploy OASP on the same infrastructure as existing compute resources and scale elastically with them. This eliminates the complexity of manually managing a separate cluster while also enabling Okera’s … More →

The post Okera launches adaptive security plane with nScale elasticity appeared first on Help Net Security.

NETSCOUT announced the extension of its Smart Perimeter Protection to AWS. The combination of NETSCOUT’s Cyber Investigator (NCI) and CyberStream software with new AWS packet access services helps contain costs and achieve better efficiencies in mitigating novel security threats as enterprises move applications to the cloud. As the threat surface expands, the solution uses packet data and powerful cyber analytics to get to the root cause of cybersecurity issues quickly. NETSCOUT has collaborated with AWS … More →

The post NETSCOUT extends its Smart Perimeter Protection to AWS appeared first on Help Net Security.

WekaIO announced that Weka File System (WekaFS), with its Kubernetes Container Storage Interface (CSI) plug-in, has successfully completed interoperability testing with Rancher Labs’ Kubernetes management platform. Together, the companies will offer enterprises an integrated, end-to-end tested solution that enables accelerated DataOps. With this certification, Rancher Labs (now a SUSE company) and Weka have joined each other’s Technology Alliance Partner Programs. A complete software stack for teams adopting containers, Rancher is a leading choice for enterprises … More →

The post WekaIO and Rancher Labs team up to help enterprises run containers and Kubernetes in production appeared first on Help Net Security.

CloudKnox Security extended support for serverless functions on Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP). The enhancement adds serverless functions to a substantial list of permissions management capabilities, including users, bots, service accounts, access keys, and other resources. The company also announced an integration with ServiceNow, the next step of many towards realizing CloudKnox’s next gen cloud security and permissions management vision. Together, the support for serverless functions and ServiceNow integration underscore … More →

The post CloudKnox extends support for serverless functions on AWS, Azure, and Google Cloud appeared first on Help Net Security.