This Week in Technology

This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On September 04, 2020

Monday 8/31

Policy Evasion: Evasive Techniques You Need to Understand to Prevent Breaches and Attacks (FireEye)

In today’s world, security must be top of mind for everyone within an organization, and that means setting and adhering to cyber security policies are essential to preventing breaches and attacks.

What’s the problem with a VPN and a regular browser for remote access? (Citrix)

Organizations can provide access to internal web apps and resources with a VPN and a “regular” browser. The problem is that while there might be some authentication control with the initial login, IT has no control over of the browser session beyond that.

Malicious Attachments Remain a Cybercriminal Threat Vector Favorite

While attachment threat vectors are one of the oldest malware-spreading tricks in the books, email users are still clicking on malicious attachments that hit their inbox, whether it’s a purported “job offer” or a pretend “critical invoice.”

Tuesday 9/1

The next phase of application monitoring is predictive (F5)

Lori MacVittie, principal technical evangelist, Office of the CTO at #F5, explores the switch from active and passive application monitoring to something a little more predictable.

Education in a Pandemic: Protect Your Kids from Virtual Back-to-school Threats (Check Point)

Students, parents, and schools should all be aware of the cybersecurity threats surrounding virtual learning this fall.

Wednesday 9/2

U.S. Department of Defense Selects Forescout to Protect Millions of Mission Critical Devices Across Global Networks

The Defense Information Systems Agency (DISA) chose Forescout’s technology as the foundation of the DoD’s “Comply to Connect” (C2C) initiative, a security framework to provide the highest level of assurance for authentication, authorization, compliance assessment and automated remediation of devices connecting to the DoD information network (DoDIN).

CyberArk Extends Cloud Deployment Options, Improves Simplicity and Scalability with v11.6

As the attack surface grows with remote work environments and expanded cloud deployments, organizations are turning to PAM solutions that help prevent credential theft, stop vertical and lateral movement, and limit privilege escalation and abuse. Maintaining the availability of key PAM processes is an important element of a defense in-depth strategy.

Thursday 9/3

A Comprehensive Look at Emotet’s Summer 2020 Return (Proofpoint)

While there are some innovations and incremental changes, Proofpoint researchers have noted surprisingly minimal change in TA542’s tactics or tooling, considering the long break. Many trends observed previously still remain relevant.

What is Role-Based Access Control (RBAC)? (Varonis)

Role-Based Access Control (RBAC) is a security paradigm whereby users are granted access to resources based on their role in the company. RBAC, if implemented correctly, can be an effective way of enforcing the principle of least privilege.

Friday 9/3

New Python-scripted trojan malware targets fintech companies

The trojan allows attackers to secretly steal corporate information through the use of keylogging and taking screenshots, as well as the ability to collect information about the infected system, including which version of Windows is running, what anti-virus products are installed and whether USB devices are connected.

How to Make Your Windows Virtual Desktop Migration a Real Success (Lakeside Software)

To fully reap the benefits of virtualized desktops and apps, IT teams need to gather and analyze data to carefully assess needs, find the right fit for users, streamline the transition, and cut unnecessary expenses throughout the WVD journey.