Monday 7/20
Cisco releases security fixes for critical VPN, router vulnerabilities
Over this week, Cisco added its own contribution, with the networking giant releasing patches for 34 bugs, the most severe of which can be exploited to conduct remote code execution and privilege escalation attacks.
https://zd.net/2OG41JV
Check Point IoT Protect Uses Automation and Threat Intelligence to Prevent the most advanced IoT cyber-attacks
Connecting IoT devices to your network extends the attack surface for cyber criminals, and adds entrance points for hackers to target. Cyber criminals have taken advantage of the remote work required by the coronavirus by stepping up their attacks on medical, enterprise, and industrial IoT devices and critical infrastructure.
https://bit.ly/2OD55y6
Be Data-Forward: Embrace a Hybrid Cloud Data Management Strategy (Rubrik)
It is the complete decoupling of data from the underlying infrastructure so that enterprises can obtain full insights and intelligence from that data. That’s what the 2020s will be about–garnering intelligence from the data, while simplifying data management.
https://bit.ly/2CQAlHi
Tuesday 7/21
Incident Response – Are You Prepared?
The time to think about what to do is before it happens. Being prepared to deal with a breach goes a long way towards a quick recovery and returning your company to business as usual. The best time to find and engage a trusted incident response partner is before an incident happens.
https://bit.ly/2CrfV81
Emotet Returns After Five Month Hiatus
Emotet no longer loaded its own banking module, and instead loaded third party banking malware. More recently, we have observed Emotet delivering third-party payloads such as Qbot, The Trick, IcedID, and Gootkit. Additionally, Emotet loads its modules for spamming, credential stealing, email harvesting, and spreading on local networks.
https://bit.ly/2WI6aJm
Wednesday 7/22
The Changing World of Encryption: TLS Deployments in 2020 (F5)
Encryption on the web plays a key role in our privacy but it's constantly changing.
http://f5so.co/E99ECB
Fortinet Acquires Cloud Security and Networking Innovator OPAQ Networks
By combining Fortinet’s Security Fabric with OPAQ’s patented ZTNA solution, Fortinet further enhances its existing SASE offering to offer the best-in-class SASE cloud security platform with the industry’s only true Zero Trust access and security solution.
https://bit.ly/39jqzt8
Thursday 7/23
Delivering Windows Virtual Desktop with Citrix Managed Desktops (Citrix)
Citrix has an extensive set of solutions under the Citrix Virtual Apps and Desktops hierarchy that enhance the capabilities of Windows Virtual Desktop. Citrix even built solutions, like Citrix Managed Desktops, specifically designed to leverage the Windows Virtual Desktop platform, but we’ve taken it one step farther by simplifying day-to-day management of your applications, desktops, and Microsoft entitlements.
https://bit.ly/3eXmXye
Security for the Modern OT Environment (CyberArk)
With CyberArk session management capabilities, as long as the session management server is pointed to the device and connected via a supported protocol (RDP, SSH, application, etc.), all sessions are automatically isolated, recorded and monitored.
https://bit.ly/2WNRJ6B
Friday 7/24
New NIST Privacy Framework Crosswalks
NIST published links to GDPR and ISO crosswalks to the NIST Privacy Framework. These are published by Microsoft (for ISO/IEC 27701) and the Enterprivacy Consulting Group (for the GDPR-Regulation 2016/679).
https://bit.ly/3hx5FcX
Striving to Achieve High Fidelity Cloud Security (Check Point)
As cloud sprawl increases, the number of vulnerabilities you must cope with also expands on a daily basis. On top of this, security pros must also keep pace with the ever-increasing velocity of agile software deployment.
https://bit.ly/3eWqD3w
What is a Man-in-the-Middle Attack: Detection and Prevention Tips (Varonis)
A man-in-the-middle (MitM) attack is a form of cyberattack where important data is intercepted by an attacker using a technique to interject themselves into the communication process. The attacker can be a passive listener in your conversation, silently stealing your secrets, or an active participant, altering the contents of your messages, or impersonating the person/system you think you’re talking to.
https://bit.ly/3jFJJP0