This Week in Technology

This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On October 30, 2020

Monday 10/26

Combatting BEC and EAC: How Cloud App Security Can Protect Your Company from Email Account Compromise (EAC) (Proofpoint)

Attackers often combine EAC with impersonation tactics (e.g. display name spoof, domain lookalikes) as a means to maintain the deceptive email discussion with the target.

Microsoft Teams Phishing Attack Targets Office 365 Users

The initial phishing email displays the name “There’s new activity in Teams,” making it appear like an automated notification from Microsoft Teams.

Tuesday 10/27

Citrix Workspace: Helping employees to do their best work

Citrix Workspace provides organizations with a competitive edge by delivering everything employees need to be productive — apps, content, business services — in a unified experience, all while empowering IT to design and manage a compelling, modern, secure workspace experience.

What to Know About Cloud Infrastructure Entitlement Management (CIEM) (Palo Alto Networks)

In addition to dealing with the complex and dynamic environment in which cloud native technologies operate, a CIEM solution should also address privileged access management and identity governance and administration.

Wednesday 10/28

F5 Networks Extends AWS Alliance to Address CDN Security

F5 Networks this week announced the integration of F5 Essential App Protect, a software-as-a-service (SaaS) platform for protecting web applications, and Amazon CloudFront, a content delivery network (CDN) service from Amazon Web Services (AWS).

Beyond passwords: How to use multi-factor authentication - aka 2FA - to improve your security

A 2019 report from Microsoft concluded that 2FA works, blocking 99.9% of automated attacks. If a service provider supports multi-factor authentication, Microsoft recommends using it, even if it's as simple as SMS-based one-time passwords.

Thursday 10/29

Don’t Let Hackers Throw Your Brand Integrity Down the Drain (Check Point)

Hackers count on the trust that users have in products they regularly use and therefore they often impersonate your brand to interact with your customers and steal their data.

Get Greater Visibility and Control of Your File Systems (Pure Storage)

Instead of spending nights and weekends troubleshooting performance issues, use Pure1 to look at issues across your stack. You can start at the volume or file-system level and go all the way to an individual virtual machine.

Friday 10/30

Microsoft’s SMBGhost Flaw Still Haunts 108K Windows Systems

In lieu of a patch, Microsoft in March had noted that administrators can use PowerShell to disable SMBv3 compression, which will block unauthenticated attackers from exploiting the vulnerability against an SMBv3 server.

Best Practices for Protecting Your Organization’s Dynamic Cloud Infrastructure (CyberArk)

Cloud infrastructure environments are not static; your cloud security approach shouldn’t be either.