NSA Releases Guidance on Zero Trust Security Model
CISA encourages administrators and organizations review NSA’s guidance on Embracing a Zero Trust Security Model to help secure sensitive data, systems, and services.
Cloud Kickoff Guide: Starting your cloud journey on the right foot (Citrix)
We saw an opportunity to condense the basic, foundational information all our Citrix Cloud customers need into a single resource — almost like a pre-planning guide — to serve as an approachable complement to our many in-depth technical onboarding resources.
Pandemic Cyber Crime, By the Numbers (CyberArk)
As we approach the one-year mark, here’s a look back at some of the most eye-opening industry cybersecurity statistics from this period of unprecedented change.
ObliqueRAT Trojan now lurks in images on compromised websites
Previously, Microsoft Office documents would be sent via phishing emails to a target that contained malicious macros leading to the direct deployment of ObliqueRAT. Now, however, these maldocs are directing victims to malicious websites instead -- likely in a bid to circumvent email security controls.
Mobile Authentication on IGEL Devices with Citrix Workspace
The combinations of authentication apps and thin clients are endless nowadays. With the many different types of technologies out there though, not every combination has been documented. At a recent customer engagement, there was a combination of products that isn’t very common, at least not yet, being implemented in an IGEL environment.
Vulnerabilities, Threats, Exploits and Their Relationship to Risk (F5)
The tale of The Three Little Pigs can teach us more than you think about cybersecurity risk. F5 Labs explains here.
Palo Alto Networks Completes Acquisition of Bridgecrew
Palo Alto Networks will build on Bridgecrew's platform innovations with enhanced capabilities, including adding new frameworks, expanding the number of checks and increasing the depth of coverage.
Mitigate Microsoft Exchange On-Premises Product Vulnerabilities
Successful exploitation of these vulnerabilities allows an attacker to access on-premises Exchange Servers, enabling them to gain persistent system access and control of an enterprise network.
COVID-19 website warning: rise in vaccine-related domain registrations means increased risk of scams (Check Point)
Check Point Research (CPR) confirms that the number of domains featuring the word “vaccine” in their title has significantly increased over the past 4 months, as the global vaccine rollout was being prepared and launched.
Protecting Against Evolving Ransomware Attack Trends (Fortinet)
Ransomware leverages social engineering attacks, preying on fears as a way to execute malicious code on devices. With this in mind, cyber hygiene must start as a board-level conversation.
Microsoft: We're cracking down on Excel macro malware
Microsoft is expanding the integration of its AMSI with Office 365 to include the scanning of Excel 4.0 XLM macros at runtime, bringing AMSI in line with VBA.
XDR: Making an Impact on the SOC (FireEye)
XDR promises to provide better technology integration between data sources and security operations to accelerate detection and response, all while reducing integration and security engineering headaches that plague SecOps teams today.