Tag Archive for: applications

Preventing attacks on mobile applications in the enterprise

/in


The use of mobile devices within enterprise organizations is commonplace, so organizations must prepare for all sorts of mobile threat vectors — including attacks via mobile applications — to avoid a cybersecurity breach.

As the COVID-19 pandemic and the trend of working from anywhere have pushed many people to work remotely, mobile devices have become a primary channel for employees to stay in touch with their employers and enterprise networks. While this shift has offered convenience and flexibility to workers, reliance on mobile devices brings new security risks to the table. Ransomware, malware and other types of attacks can target mobile devices to great effect, and organizations must account for this to keep data secure throughout the enterprise.

Mobile app breaches threaten enterprises

It only takes one compromised mobile device for an attacker to access an organization’s network. Corporate-owned and BYOD mobile devices are the ultimate target for land-and-expand attacks, where an attack on a mobile device sets the stage for another attack on a back-end system or cloud application. A typical corporate user’s mobile device may have business email, a unified communications application such as Slack or Teams, and a Salesforce or other customer relationship management (CRM) client. When attackers compromise such a device, they have full access to the corporate network resources — as if they’re authorized users of the device.

Because many workers resorted to using personal and corporate-owned mobile devices to get their jobs done amid the pandemic, the mobile attack surface has grown in recent years. A 2022 report from mobile security vendor Zimperium found that a global average of 23% of mobile devices encountered malicious applications in 2021. The firm also found that 75% of phishing sites specifically targeted mobile devices that year.

Additionally, with each new application a user installs on a mobile device, the attack surface grows. Threats to applications, such as exposed APIs and misconfigured code, leave customer data open to attack. Outdated mobile apps only add to these security vulnerabilities. Organizations can look to enterprise mobility management (EMM) and

Source…

Mastering microsegmentation for enterprise applications

/in


Network segmentation is one of the defensive practices used by many enterprises to stop the spread of malware in the ecosystem. Servers and databases are grouped together by using network switches or firewall appliances, and separation is achieved based on the application requirements.

Network segmentation provides very rudimentary control over the malware. Typically the network segments are based on physical or virtual servers and consider layer 2 and layer 3 attributes. But malware can easily break such segments.

The next level is microsegmentation which segments based on server routing tables and the application’s layer 3 and layer 4 attributes like TCP or UDP port numbers. In such segmentation methods, one or more applications with large number of individual processes can be grouped together and segregated from each other based on certain behavior or routing policies.

Unfortunately, in recent times, many such deployments were breached due to uncertainty in the behavior of the applications or larger sizes of the micro-segments. Malware can easily attack and migrate laterally by exploiting application vulnerabilities. In all forms of attacks, the applications processes or databases are the target of attacks, so the protection is really needed for the application / database processes.

In this video for Help Net Security, Keshav Kamble, CTO of Avocado Systems, talks about the challenges, benefits and modern methods of microsegmentation.

Source…

Security Review of Introducing New Applications into Business Environment

/in


Our business environment does not commonly introduce new applications to avoid adding security risks and compatibility issues. 

 

If we are to add new software, how do I go about reviewing if this software is safe from a security standpoint?

 

At the moment, I am installing it on a test machine and running a Nessus scan, which I feel will just give me a false sense of security. 

 

Edit: I understand I’m suppose to provide the OS, but this is more of a general question for all OS. If I must pick, Windows 10/11 Pro

Edited by hamluis, Today, 01:49 PM.

Moved from Bus Apps to Gen Security – Hamluis.

Source…

Best antivirus software | Best programs and applications

/in


Normally we would see ourselves surrounded by such a great amount of information while on the internet. Most of it could be content based on our preferences, so much that it could make us feel a fake sense of security. This is where the risk of being threatened by malware operations can cause us a series of greater complications. Therefore, every PC owner should know about the grand importance of Antivirus software. These programs get to be installed for safeguarding your things on the web and protecting your privacy. We would like to dispose of you with a list of the best Antivirus Software nowadays.

List of Best Antivirus Software

Avast Antivirus

Taken for the strongest choice involving virus detection, the Avast Antivirus system stands out easily. It’s basically a group of internet security apps that includes freeware and paid versions. These are also associated with computer security functions, such as antiphishing, firewalls, and antispyware features.

AVG Antivirus

The system offers protection in any place against non-secure apps, blockers, and anti-stealth trackers. It also counts with an AES 256 bits shuttering VPN, which puts it at the same safety level as banks do.     

Microsoft Defender

You can consider this program as one of the best Antivirus software options around. A system that’s normally built into Windows, Defender will stay turned on to help the user while covering the basics of Software security. It also has a function for leveling the amount of protection the user wants, maintaining control over outter attacks. This Antivirus Software is only compatible with Windows systems.

Norton 360 with LifeLock Select

This antivirus system has a great set of functions on the technological level. It provides the user with industry-leading security software for PCs. Including a five-device subscription for $150 per year, it also comes with 100GB of backup cloud storage. Besides this, its antivirus set comes with password managing, self-business tools, and other executive functions.

BitDefender Antivirus Free Edition

Developing real-life monitoring for viruses, BitDefender takes care of the user’s stuff by operating for…

Source…