Monday 10/26
Combatting BEC and EAC: How Cloud App Security Can Protect Your Company from Email Account Compromise (EAC) (Proofpoint)
Attackers often combine EAC with impersonation tactics (e.g. display name spoof, domain lookalikes) as a means to maintain the deceptive email discussion with the target.
https://bit.ly/34vKnsF
Microsoft Teams Phishing Attack Targets Office 365 Users
The initial phishing email displays the name “There’s new activity in Teams,” making it appear like an automated notification from Microsoft Teams.
https://bit.ly/3oq65Gp
Tuesday 10/27
Citrix Workspace: Helping employees to do their best work
Citrix Workspace provides organizations with a competitive edge by delivering everything employees need to be productive — apps, content, business services — in a unified experience, all while empowering IT to design and manage a compelling, modern, secure workspace experience.
https://bit.ly/3mrRske
What to Know About Cloud Infrastructure Entitlement Management (CIEM) (Palo Alto Networks)
In addition to dealing with the complex and dynamic environment in which cloud native technologies operate, a CIEM solution should also address privileged access management and identity governance and administration.
https://bit.ly/3jrJXYA
Wednesday 10/28
F5 Networks Extends AWS Alliance to Address CDN Security
F5 Networks this week announced the integration of F5 Essential App Protect, a software-as-a-service (SaaS) platform for protecting web applications, and Amazon CloudFront, a content delivery network (CDN) service from Amazon Web Services (AWS).
http://f5so.co/032B74
Beyond passwords: How to use multi-factor authentication - aka 2FA - to improve your security
A 2019 report from Microsoft concluded that 2FA works, blocking 99.9% of automated attacks. If a service provider supports multi-factor authentication, Microsoft recommends using it, even if it's as simple as SMS-based one-time passwords.
https://zd.net/34BXt7L
Thursday 10/29
Don’t Let Hackers Throw Your Brand Integrity Down the Drain (Check Point)
Hackers count on the trust that users have in products they regularly use and therefore they often impersonate your brand to interact with your customers and steal their data.
https://bit.ly/34E5GIH
Get Greater Visibility and Control of Your File Systems (Pure Storage)
Instead of spending nights and weekends troubleshooting performance issues, use Pure1 to look at issues across your stack. You can start at the volume or file-system level and go all the way to an individual virtual machine.
https://bit.ly/3e8kwdF
Friday 10/30
Microsoft’s SMBGhost Flaw Still Haunts 108K Windows Systems
In lieu of a patch, Microsoft in March had noted that administrators can use PowerShell to disable SMBv3 compression, which will block unauthenticated attackers from exploiting the vulnerability against an SMBv3 server.
https://bit.ly/3kHISNR
Best Practices for Protecting Your Organization’s Dynamic Cloud Infrastructure (CyberArk)
Cloud infrastructure environments are not static; your cloud security approach shouldn’t be either.
https://bit.ly/2TFfImC