This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On August 04, 2023

Monday 7/31

Making Zero Standing Privileges a Reality (CyberArk)

The most significant change in the lifespan of identity security thus far is zero standing privileges (ZSP). It is considered to be the next evolution of just-in-time (JIT) access. Although it may seem needlessly complex at first, once you wrap your head around the concept, it feels as natural as turning off lights when you leave a room.

https://bit.ly/457DKZX

Build Strong, Secure Browsing Habits During—and Before—Cybersecurity Awareness Month (Proofpoint)

Web browsers have security features that will alert you to unsafe possibilities. But they won’t prevent you from taking an unsafe action. It’s up to each person to stop, think, and act or react. That’s why security awareness education is an essential part of helping users understand how to recognize threats and apply their knowledge to real-world situations.

https://bit.ly/3OiyDzu

Tuesday 8/1

System is Armed! ft. Bryon Singh, RailWorks Corporation

https://www.gothamtg.com/blog/system-is-armed

Boost Splunk by Maximizing Server Utilization with Containers & Pure (Pure Storage)

Organizations are amassing data at an exponential rate. According to the latest estimates, 328.77 million terabytes, or 0.33 zettabytes of data, is created every day. Over the past decade, businesses have harnessed this “big data” to unlock new possibilities and enhance analytical capabilities. Now, it’s time to accelerate those.

https://bit.ly/3rKv9Os

Improve Your Security Posture with the Essential Eight (Arctic Wolf)

The eight mitigation strategies focus on prevention, limitation, and recovery — and are ranked on four levels of maturity, from Level 0, which signifies weaknesses in the organization’s overall cybersecurity posture, to Level 3, which focuses on mitigating adversaries that are skilled in exploiting their target’s weaknesses.

https://bit.ly/3Opi2Ku

Wednesday 8/2

How to Augment or Replace Your SIEM with the CrowdStrike Falcon Platform (CrowdStrike)

Modern SIEM systems extend beyond log management to deliver full threat detection, investigation and response. To take advantage of this broader set of use cases, you need additional capabilities including analytics, intelligence and managed services.

https://bit.ly/452AX4m

Your First Line of Defense Against Ransomware: SASE (Check Point)

Statista says that 71% of global businesses felt the impact of ransomware trends. A total of 62.9% of the ransomware victims paid the ransom. Attackers use myriad techniques and tools to infiltrate networks, applications and computers as they lay the groundwork for the ransom demand. This is why a Secure Access Service Edge (SASE) solution that focuses on protecting these assets against ransomware is your first line of defense against attackers.

https://bit.ly/43TJqWD

Thursday 8/3

6-Step Ransomware Response Plan (Veeam)

Since attacks are so common, knowing how to recover quickly from a ransomware attack is essential. Critical aspects of your ransomware recovery plan should include hardening systems, rigorous prevention measures, ransomware detection and response, recovery and restoration measures, and plans to inform relevant authorities and affected parties.

https://bit.ly/3QiIUhI

Novel Worm-Like Malware P2Pinfect Targets Redis Deployments

After gaining a foothold, P2Pinfect demonstrates worm-like behavior, actively attempting to spread to other hosts on the network. It scans for exposed Redis and SSH servers and uses a list of passwords to try brute-force attacks.

https://bit.ly/45bVjYP

Friday 8/4

Ransomware Roundup - DoDo and Proton (Fortinet)

DoDo ransomware was first reported in February this year. It is a variant of the widely reported and observed Chaos ransomware. Because it is a derivative, the DoDo ransomware is not considered to be a new and recent ransomware. However, a slightly different version of the DoDo ransomware has recently emerged.

https://bit.ly/3YntJWp