Think back to the end of 2019. Enterprises were evolving IT infrastructure at a moderate pace to reduce costs, be more competitive, and improve their ability to adapt to an increasingly digitized world. Whether migrating workloads to the cloud, virtualizing network functions, diversifying mobility, or moving applications and services closer to the edge, digital transformation was steadily evolving the business landscape.

Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed within 25 minutes from hacker to scanner. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers.

The outbreak of COVID-19 has led many businesses to transition a large number of employees to remote work. The shift could end up becoming a long-term trend; it’s expected to continue after the pandemic ends. Therefore, it is more important than ever to develop strategies for managing and responding to risks within your organization. Internal risk management procedures will need to adapt to the issue of insider threats, a challenge which is compounded by remote work.

User privacy and cybersecurity are two terms that often get used interchangeably when we talk about protecting our information on the internet. However, privacy and security are different areas of practice – only recently have these two areas come to intersect. In 2018, Harvard Business Review reported, “[P]rivacy and security are converging, thanks to the rise of big data and machine learning.

Managing security vulnerabilities and false positives is a challenge in today’s DevSecOps environment. Configure the right tools correctly to avoid overload. To do a job well, you need the right tools. But it’s just as important—perhaps even more so—to use those tools correctly. A hammer will make things worse in your construction project if you’re trying to use it as a screwdriver or a drill. The same is true in software development.

If high-tech gadgets are on your holiday shopping list, it is worth taking a moment to think about the particular risks they may bring. Under the wrong circumstances, even an innocuous gift may introduce unexpected vulnerabilities. In this blog series, VERT will be looking at some of the Internet’s best-selling holiday gifts with an eye toward their possible security implications.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Social engineering attacks are really common, perhaps due to customer service staff being constantly told to present a helpful persona, especially in these tough times where customer retention is important. Vigilance and process are your best friends here.