Tag Archive for: Endpoint

Is Endpoint Security taking a backseat in your IT architecture?


By Apu Pavithran, CEO, Hexnode

When Charles Babbage invented the first computer in 1822, little did he know that its capability to store information would unleash a series of cybercrimes. What started as an attack on the French Telegraph system in 1834 later saw its better selves with the advent of the internet in the 1960s. After a series of destructive attacks, the concept of ‘computer security,’ commonly dubbed as ‘cybersecurity,’ was born in the 1970s.

Following the attack on the ARPANET, the Internet’s predecessor, that harmed 10% of the connected computers, the Association of Computer Machinery (ACM) inaugurated ‘National Computer Security Day’ in 1988. A decade back, when your business took birth in a garage with you and your partner being the only employees, security never had to be a cause of worry. However, over the years, as your business mushrooms, your staff base expands, and your workplace landscape turns around, slacking on security might mean putting your business on the line. So, as another November 30th draws close, let’s rewind the clock and evaluate where we stand today in terms of security.

The Exodus towards Computer Security
A great majority of people believe that using a seven-character password to secure your devices is the sum total of cybersecurity. However, the latest conversations around password management and security give an insight into how passwords used in brute force attacks usually include eight or more characters. With the dark web controlling the internet to gain monetary benefits, it is evident that data is just not safe anymore and passwords like “12345”, “qwerty,” and “password” can easily put your business in rough waters. The fact that bidders are willing to pay an average of US $3,100 for stolen credentials on the dark web sets off every alarm and drives businesses’ attention to password management systems. Unfortunately, businesses seem to disregard such alarming figures, and many organizations are yet to deploy a mechanism to manage their work passwords.

While these issues can be addressed by subscribing to a password management tool, the concept of passkeys has been slowly sweeping over the password…


Endpoint Security and Network Monitoring News for the Week of October 21; SpecterOps, ClearShark, Automox, and More


Endpoint Security and Network Monitoring News for the Week of October 21

The editors at Solutions Review have curated this list of the most noteworthy endpoint security and network monitoring news for the week of October 21. This curated list features endpoint security and network monitoring vendors such as SpecterOps, ClearShark, Automox and more.

Keeping tabs on all the most relevant endpoint security and network monitoring news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy endpoint security and network monitoring news items.



SpecterOps SO-CON 2022: Oct 24 – 28, 2022

Next week, SpecterOps hosts SO-CON 2022, their third-annual training event taking place both in-person and online October 24th – 28th, 2022. In addition to hosting all five of their Adversary Tactics training courses, including newly expanded, three-day versions of the Mac Tradecraft and Vulnerability Research for Operators courses, SO-CON will wrap the week with a series of new training workshops developed by the Specters team.

Read on for more.

Comcast Business Research Shows Cybersecurity Remains a Problem for SMBs

Comcast Business released its first annual Comcast Business Small Business Cybersecurity Report offering a window into the cybersecurity threats small and medium-sized business (SMB) customers face daily. The report found that up to 65 percent of Comcast Business SecurityEdge customers experienced blocked attacks from July 2021 to June 2022, with up to 55 percent experiencing a botnet attack and nearly 50 percent experiencing malware and phishing attacks.

Read on for more.

RSA Announces New Mobile Security Platform

RSA, a global leader in identity and access management, announced the introduction of RSA Mobile Lock, a powerful new defense in the war for mobile security and an immediate resolution for one of the weakest points in every organization’s security stance: their users. RSA Mobile Lock detects critical threats on mobile devices…


Investigating NATO-Themed Phishing Lures With EclecticIQ Intelligence Center and Endpoint Response Tool



Synopsis

With cyberattacks such a common occurrence, analysts must be able to stay ahead of the curve by investigating files and indicators of compromise quickly and efficiently. The EclecticIQ Intelligence Center (IC) is the perfect tool to facilitate investigations like these. This post will describe how EclecticIQ’s Intelligence & Research analysts used the IC to investigate the potential maliciousness of files leveraging NATO-themed phishing lures, and how they operationalized this intelligence by feeding it into the EclecticIQ Endpoint Response (ER) security tool.

The Need for Targeted Collection: The Benelux Region’s Unique Concerns About Cyber Threats

If past attacks are any indicator of future risk, the Belgium, the Netherlands, and Luxembourg (collectively Benelux) region of Europe is an attractive target for cyber threat actors. A review of past cyberattacks targeting Benelux shows that the number of attacks targeting this region has grown in a way that is typical for what one might expect in a relatively connected, business-intense region. (1, 2) It is difficult to know the exact number of cyberattacks since many go unreported, but based on those that are reported, analysts note a few patterns. Most Belgium, Luxembourg, and The Netherlands-focused cyberattacks remain localized; they are severe enough to make news and to be disruptive by reducing or suspending services, but generally, the damage from attacks is contained. Often, individuals or assets in the region may be caught up in wide-reaching software vulnerabilities or supply chain issues, simply because they are part of an international network of users. Judging from news and press, cyberattacks were also typical in that they appear opportunistic, with attackers pursuing any vulnerable target they find, regardless of industry; schools and universities, businesses, and government entities have been victimized in recent years. (3, 4, 5, 6, 7, 8, 9)


Defining Initial Collection Requirements: Identify and Sample Benelux-Based Potential Targets

To dig deeper into the Benelux cyber threat landscape, analysts developed a list of possible high-profile targets in those three countries; the list included government and…


5 Reasons Why Web Security Is As Important as Endpoint Security


Would you say that a company is secure if their employees are using laptops with no anti-malware installed at all? Most businesses would say that is an irresponsible approach. Then why would many businesses have websites and web applications with no protection at all and why would many MSSPs not offer their customers any kind of web application security services?

An “antivirus” (an anti-malware solution) is perceived as a standard element of a Windows installation – it’s rare to see a computer without one. However, strangely enough, many businesses feel completely secure just setting up a website or web application without paying any attention to whether it is secure and many MSSPs provide them with no security for their web assets at all. This is even more surprising because web-accessible databases usually contain more sensitive data than an average office machine, for example, customer personal information.

Here are five reasons why both you, the MSSP, and your customers should treat web security with as much attention as personal computer security and endpoint security in general.

Reason 1. The move to the cloud

Twenty years ago, websites were just simple, mostly static presentations – digital billboards in a way. Today, many of us are, for example, creating our documents online instead of using a desktop word processor – quite often the only software installed on our Windows machine is the browser. And even if there is some other software like Slack, it uses web interfaces to communicate with the servers. Companies are using their own servers less often. For many employees, desktop computers and laptops are basically thin clients that are there only to make it possible to access the web.

This means that anti-malware software basically protects an empty computer that has no special software on it, just a browser. The only major risk of such a computer being attacked is if the attack makes it possible to steal login credentials to web applications.

On the other hand, all the data, all the business support software, and everything else is on the web or will soon be there. And, unfortunately, quite often it is left completely…
