This Week in Technology

This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On July 24, 2020

Monday 7/20

Cisco releases security fixes for critical VPN, router vulnerabilities

Over this week, Cisco added its own contribution, with the networking giant releasing patches for 34 bugs, the most severe of which can be exploited to conduct remote code execution and privilege escalation attacks.

Check Point IoT Protect Uses Automation and Threat Intelligence to Prevent the most advanced IoT cyber-attacks

Connecting IoT devices to your network extends the attack surface for cyber criminals, and adds entrance points for hackers to target. Cyber criminals have taken advantage of the remote work required by the coronavirus by stepping up their attacks on medical, enterprise, and industrial IoT devices and critical infrastructure.

Be Data-Forward: Embrace a Hybrid Cloud Data Management Strategy (Rubrik)

It is the complete decoupling of data from the underlying infrastructure so that enterprises can obtain full insights and intelligence from that data. That’s what the 2020s will be about–garnering intelligence from the data, while simplifying data management.

Tuesday 7/21

Incident Response – Are You Prepared?

The time to think about what to do is before it happens. Being prepared to deal with a breach goes a long way towards a quick recovery and returning your company to business as usual. The best time to find and engage a trusted incident response partner is before an incident happens.

Emotet Returns After Five Month Hiatus

Emotet no longer loaded its own banking module, and instead loaded third party banking malware. More recently, we have observed Emotet delivering third-party payloads such as Qbot, The Trick, IcedID, and Gootkit. Additionally, Emotet loads its modules for spamming, credential stealing, email harvesting, and spreading on local networks.

Wednesday 7/22

The Changing World of Encryption: TLS Deployments in 2020 (F5)

Encryption on the web plays a key role in our privacy but it's constantly changing.

Fortinet Acquires Cloud Security and Networking Innovator OPAQ Networks

By combining Fortinet’s Security Fabric with OPAQ’s patented ZTNA solution, Fortinet further enhances its existing SASE offering to offer the best-in-class SASE cloud security platform with the industry’s only true Zero Trust access and security solution.

Thursday 7/23

Delivering Windows Virtual Desktop with Citrix Managed Desktops (Citrix)

Citrix has an extensive set of solutions under the Citrix Virtual Apps and Desktops hierarchy that enhance the capabilities of Windows Virtual Desktop. Citrix even built solutions, like Citrix Managed Desktops, specifically designed to leverage the Windows Virtual Desktop platform, but we’ve taken it one step farther by simplifying day-to-day management of your applications, desktops, and Microsoft entitlements.

Security for the Modern OT Environment (CyberArk)

With CyberArk session management capabilities, as long as the session management server is pointed to the device and connected via a supported protocol (RDP, SSH, application, etc.), all sessions are automatically isolated, recorded and monitored

Friday 7/24

New NIST Privacy Framework Crosswalks

NIST published links to GDPR and ISO crosswalks to the NIST Privacy Framework. These are published by Microsoft (for ISO/IEC 27701) and the Enterprivacy Consulting Group (for the GDPR-Regulation 2016/679).

Striving to Achieve High Fidelity Cloud Security (Check Point)

As cloud sprawl increases, the number of vulnerabilities you must cope with also expands on a daily basis. On top of this, security pros must also keep pace with the ever-increasing velocity of agile software deployment.

What is a Man-in-the-Middle Attack: Detection and Prevention Tips (Varonis)

A man-in-the-middle (MitM) attack is a form of cyberattack where important data is intercepted by an attacker using a technique to interject themselves into the communication process. The attacker can be a passive listener in your conversation, silently stealing your secrets, or an active participant, altering the contents of your messages, or impersonating the person/system you think you’re talking to.