A Defense-in-Depth Strategy to Phishing Prevention (Proofpoint)
As the threat landscape continues to evolve, organizations need to invest in multilayered defenses to stop threats that target people. It’s important to shift budgets as necessary to the threats causing the greatest risk and impact to organizations.
Key Findings from the 2H 2021 FortiGuard Labs Threat Report (Fortinet)
The 2021 threat landscape presented several new challenges for security teams. But while some threats came to light for the first time, others proved themselves to be omnipresent, continuing to cause as much damage as they have in past years.
ICYMI: Gotham CTO Ken Phelan and Cyber Aegis President Charles Blauner discussed the top themes driving #cyber innovation in this month’s CTO Tech Talk.
Threat Update 80 - Introduction to AWS Identity and Access Management (IAM) (Varonis)
The Varonis Cloud Architecture team compare and contrast Amazon Web Services Identity and Access Management against a traditional on-prem setup with Active Directory.
Cloud vs. “Traditional” IT Compliance (Check Point)
Having native security tools relevant to each platform alone will not help you have a fully compliant environment; there can still be vulnerabilities and security flaws in both hybrid and multi-cloud environments due to complex integrations that can easily become blind spots.
FlashBlade: Storage for Modern, Data-centric Organizations (Pure Storage)
To stay competitive, organizations need to efficiently leverage unstructured data and power their modern applications. Flash-native storage will be pivotal to success.
CISA Adds 15 Known Exploited Vulnerability to Catalog
CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below.
Secure, Productive Hybrid Working From Any Endpoint Device With Citrix and IGEL
Citrix and IGEL deliver an immersive and high-fidelity unified communications and multimedia user experience within VDI or cloud workspace environments, providing Microsoft Teams and Zoom as a Citrix App client with HDX optimization.
Microsoft: Here's how this notorious botnet used hacked routers for stealthy communication
Microsoft has filled in one detail about how the TrickBot gang's IoT C2 devices, namely compromised MikroTik routers, were being used since 2018 for stealthy communication with infected PCs.
PCI Security Standards Council Blog Updates- PCI DSS Version 4.0
The current standard PCI DSS version 3.2.1 will remain effective until March 31, 2024, when PCI DSS version 4.0 will be the only active version. A transition period will exist between March 2022 and March 31, 2024, where both versions will be active.
Endpoint Credential Theft: How to Block and Tackle at Scale (CyberArk)
Trying to patch every identity-centric weakness individually, vulnerability management teams quickly find themselves back in a never-ending game of whack-a-mole.
Revolutionize Firewall Operations with Industry First AIOps for NGFW (Palo Alto Networks)
AIOps for NGFW redefines firewall operational experience by interpreting, predicting and resolving problems before they become business impacting.