Articles about Security

Five steps to a secure cloud architecture

Policy as code is central to establishing and maintaining secure cloud architecture by enabling security teams to impart their knowledge across the organization in a common, machine-readable language.

Cloud computing cyberattacks don’t play out like the scenes from Hollywood thrillers. No one is slowly lowering Tom Cruise into a preselected target’s secure data center equipped with ultrasensitive noise, temperature and motion detectors so he can steal a specific file.

0patch releases free fix for Follina vulnerability in Windows as Microsoft apparently can't be bothered

This week, we have written about the Follina zero-day vulnerability that allows for remote code execution on a victim's computer. Despite having been known about for a number of weeks, Microsoft is still yet to issue a patch for the actively exploited critical security flaw, instead simply offering details of a workaround.

As has been the case in the past, a third party has come to the rescue. Micro-patching firm 0patch has released a free fix for the vulnerability -- for Windows 11, Windows 10, Windows 7 and Windows Server 2008 R2 -- which is tracked as CVE-2022-30190 and relates to the Microsoft Windows Support Diagnostic Tool (MSDT) component of Windows.

Poor alerts hamper effective automation of threat detection

According to a new report, 85 percent of IT security professionals have experienced preventable business impacts resulting from insufficient response procedures, while 97 percent say that more accurate alerting would increase their confidence in automating threat response actions.

The State of the Modern SOC report from Deepwatch is based on a survey by Dimensional Research of over 300 security professionals, working at US organizations with 1,000 or more employees.

APIs and cloud apps are greatest threats to enterprise security readiness

A survey of over 400 CISOs finds they are grappling with a wide range of risks and challenges, especially linked to accelerating utilization of technologies like cloud-based applications and the use of Application Programming Interfaces (APIs).

The study from CISOs Connect, an invitation-only community of cyber experts and part of Security Current, finds the IT components rated as most needing improvement are: APIs (42 percent), cloud applications (SaaS) (41 percent), and cloud infrastructure (IaaS) (38 percent).

Almost half of IT security leaders believe they won't be breached

A new study shows 47 percent of security leaders do not believe they will be breached despite the increasing sophistication and frequency of attacks.

The survey of 1,000 IT and security professionals across eight countries, conducted by The Enterprise Strategy Group for Illumio, finds that in the past two years alone 76 percent have been attacked by ransomware and 66 percent have experienced at least one software supply chain attack.

Microsoft Entra is a new identity and access-focused family of products

Microsoft has launched a new family of products called Entra. Microsoft Entra encompasses a number of identity and access management solutions including the existing Azure AD. The launch comes after the acquisition of CloudKnox Security last year, and is Microsoft's attempt to help boost security across multicloud environments -- or "secure access for a connected world".

Bolstering the product family, the company has also launched cloud permission management tool Microsoft Entra Permissions Management, and Microsoft Entra Verified ID -- a system that allows for more secure interactions, based on decentralized identity standards. Microsoft has also announced public previews of Workload Identities and Lifecycle Workflows.

Why has Microsoft still not fixed a weeks-old, actively exploited vulnerability affecting Windows 11 and more?

Yesterday we wrote about a zero-day vulnerability called Follina which allows for remote code execution on a victim's computer. While the flaw -- tracked as CVE-2022-30190 -- has been described as an Office vulnerability, it is really the result of a security issue with a component of Windows.

A problem exists in the Microsoft Windows Support Diagnostic Tool (MSDT) which is found in all supported versions of Windows, including Windows 11. The vulnerability has been billed as an Office vulnerability as using a malicious Word file is one of the easiest attack vectors to exploit the flaw. But what is worrying about the vulnerability, apart from the fact that Microsoft has not fixed it yet, is that the company was made aware of the fact that it was being actively exploited way back on April 12.

New study reveals serious disconnect in executive planning for cyberattacks

A new study reveals a major disconnect in the way senior management teams collaborate and determine the risks and impact on their operations when hit by a cyberattack.

The research carried out by Sapio Research for Deep Instinct shows only 12 percent of chief financial officers are actively involved in the process, even though 56 percent say their organization has paid a ransom to recover data.

Microsoft reveals workaround for Office zero-day vulnerability that can be used to launch malicious PowerShell commands

While Microsoft may be quick to point out security vulnerabilities in other companies' products, its own software is far from infallible. A good example of this is the recently discovered 'Follina' security hole that affects Microsoft Office.

The vulnerability can be exploited to launch PowerShell and execute a variety of malicious commands; all that a victim needs to do is open a specially crafted Word file. The flaw is tracked as CVE-2022-30190, and Microsoft has released details of a workaround that helps to mitigate the issue.

Microsoft researchers discover serious security vulnerabilities in big-name Android apps

The Microsoft 365 Defender Research Team has shared details of several high-severity vulnerabilities found in a mobile framework used in popular apps associated with a number of big names.

The framework is owned by mce Systems, and is used in apps from numerous mobile providers. The apps -- from the likes of AT&T, Rogers Communications and Bell Canada -- are often pre-installed on Android handsets, but they have also been downloaded millions of times. If exploited, the vulnerabilities allow for local or remote attacks, including command injection and privilege escalation attacks.

The role of encrypted traffic analysis for threat detection [Q&A]

Everyone is striving to make their systems more secure and in many cases that means adopting encryption in order to protect data.

But the use of encrypted traffic over networks presents a headache for security teams as malicious content can be harder to detect. We spoke to Thomas Pore, director of security products at Live Action, to find out more about the problem and how it can be addressed.

Researchers uncover cybercriminal stronghold targeting Facebook users

The Facebook Messenger 'Is That You?' video phishing scam has been around since 2017, but a recent investigation into it by researchers at Cybernews has led to the discovery of what they're calling a 'cybercriminal stronghold'.

Threat actors are using this to infect the social network with thousands of malicious links each day. The research has also identified at least five suspects, thought to be residing in the Dominican Republic.

BEC attacks get more businesslike to trick users

Business email compromise attacks are up 53 percent over the last year and are increasingly trying to look more like legitimate emails in their use of language.

A new report from Armorblox shows 74 percent of BEC attacks are using language as the main attack vector.

Business-critical systems going unsecured and unmonitored

According to a new poll, 40 percent of enterprises don't include business-critical systems such as SAP in their cybersecurity monitoring. In addition, a further 27 percent are unsure if systems are included in their cybersecurity monitoring at all.

The survey from Logpoint also shows only 23 percent say the process of reviewing SAP logs for cybersecurity events or cyberthreat activity is automated through SIEM, with almost 19 percent still doing so manually.

Identity-based attacks are top threat to businesses

Ransomware, software supply chain attacks, data breaches, and more have become an almost daily occurrence in an increasingly challenging threat landscape.

Automated threat detection company Blumira has released a new report based on its security detections which reveals that identity-based attacks and living off the land behaviors were the top threats organizations faced in 2021.

© 1998-2024 BetaNews, Inc. All Rights Reserved.