Tag Archive for: Mitigates

How Zero Trust Mitigates Zero-Day Attacks  


Zero-day attacks can be mitigated with zero trust (least privilege access) best practices 

Zero-day attacks, fueled by their stealthy nature and unknown vulnerabilities, pose a significant threat to organizations worldwide and across all sectors. Attacks like WannaCry, Stuxnet, Petya/NotPetya, and the Equifax Breach made headlines in major news publications and are part of the public consciousness. These sophisticated cyber threats can bypass traditional security defenses, making them difficult to detect and mitigate. However, implementing a zero trust security model is an effective approach to combat zero-day attacks.

We will investigate how zero trust mitigates zero-day attacks by redefining the security perimeter, adopting a proactive defense strategy, enforcing strict access controls, leveraging continuous monitoring, and integrating advanced threat intelligence. Here’s how organizations can fortify their security posture by adopting zero trust principles and effectively safeguarding against the ever-evolving – and ever-current – attacks by nation-state bad actors, hacktivists, and financial opportunists.

Zero-Day Back on the Radar 

Recent weeks have seen a worrying wave of cyberattacks c/o MOVEit, a widely used file transfer application from Progress, which has again raised the ever-worrying issue of zero-day attacks. Bad actors have exploited its vulnerabilities, successfully deployed ransomware, and stolen data via vulnerable MOVEit deployments worldwide.

This situation isn’t just about the scale of the issue; it’s also about the complexity and sophistication of these threats. This new type of cyberattack involves remote code execution, a step beyond the typical “man in the middle” or “dependency tampering” tactics that have been all too common in the past. This is a calculated, tactical intrusion that marks a shift in the cybercriminal playbook of Russian-backed Clop, also known as Lace Tempest, TA505, and FIN11, who have claimed responsibility for this (and many other zero-day exploits) in order to deploy ransomware.

Progress has been quick to address the vulnerabilities in MOVEit, offering patches to mitigate the identified threats, but…

JPC Mitigates Ransomware Risk with BlackFog


Providing managed IT services for small to medium size businesses across multiple verticals has its challenges, particularly when it comes to convincing them that they need to adopt newer technologies to protect against threats such as ransomware.

Some customers are not interested in IT, and they entrust JPC to take all responsibility to install the right products to protect their environments, while others have limited cybersecurity knowledge and are more focussed on saving money.

JPC General Manager and Solution Architect Ronny Johnsen explains, “with new customers we are able to build the right product portfolio to ensure maximum protection from cyberthreats. With legacy customers they often need to be convinced that they need additional layers of security, and unfortunately, they feel that older technologies such as Antivirus and Firewalls are going to offer enough protection. In many cases they don’t believe they are going to be a cyberattack victim until it’s too late.”

For JPC, the threat of ransomware is the most frightening, Ronny continues, “it doesn’t happen often, but it has major impact when it does. Over the years we’ve dealt with different attacks, one notable incident saw the Norwegian Police involved when critical data was lost during a ransomware attack. The attack impacted an old firewall at the customer site and a local on-premise server. A very important database was encrypted, as were the backups.

Recovery from that incident took around 2 years and it involved recovering data from a 12 year old backup. A very costly and frustrating experience that could have been easily mitigated with the right solution in place.”

JPC regularly reviews new technology to ensure they are offering their clients the best solutions…

Microsoft Mitigates 3.47Tbps DDoS Attack, a New Record


Microsoft says it encountered the largest DDoS attack on record last November when a hacker tried to take down a customer’s online services.

The incident involved an unnamed customer in Asia, who uses Microsoft’s Azure cloud computing service. The hacker harnessed 10,000 computers across the globe, including in the US and China, to generate a massive 3.47Tbps DDoS attack, which lasted for 15 minutes. 

The amount of traffic exceeds the 2.5Tbps assault Google fended off in 2017, which was the previous record holder for largest known DDoS attack. 

The Nov. DDoS Attack

Microsoft mentioned the 3.47Tbps attack in a report discussing its DDoS protection efforts through Azure. It’s unclear who instigated the assault and if it came from a hacker-controlled botnet. But the mysterious culprit used a variety of methods to amplify the DDoS attack, which included exploiting the UDP and CLDAP protocols in what’s known as “reflection attacks.” 

In December, Microsoft also mitigated a series of other DDoS attacks targeting customers in Asia. The first peaked at 3.25Tbps, the second at 2.55Tbps. However, it seems the company defended against all the assaults without incident. 

DDoS attacks in December

“In these cases, our customers do not have to worry about how to protect their workloads in Azure,” the company wrote in the report. “Azure’s DDoS protection platform, built on distributed DDoS detection and mitigation pipelines, can scale enormously to absorb the highest volume of DDoS attacks, providing our customers the level of protection they need.”

The company added that its DDoS protection services will continuously monitor a customer’s online services and scrub any bad traffic from the Azure network before it can disrupt services. 

We’ve reached out to Microsoft for more details about the attacks, and we’ll update the story if we hear back. But the incident shows even the largest DDoS attacks can be foiled through protection services from the biggest cloud providers. Others, including Cloudflare and Amazon, have also touted fending off major DDoS assaults in recent years with relative ease.  

Easy Solutions Anti-Phishing Service Mitigates the Epsilon Email Breach – PRWeb

Easy Solutions Inc., the leading security vendor specializing in fraud prevention, releases a white paper on the April 1st statement issued by the marketing firm Epsilon, and the sophisticated and targeted phishing attacks that are sure to follow. The …