Microsoft Internet Information Server (IIS) is widely used in the enterprise, despite a less-than-stellar reputation for security. In fact, for many “IIS security” is a contradiction of terms—though in all fairness, Microsoft's web server solution has improved significantly over the years. IIS 8.5 for server 2012 R2 and IIS 10 for 2016 have been hardened and no longer present the dangerous default configurations of older IIS iterations, but can still be further tightened.

Business partnerships require trust, but knowing whether your vendors merit that trust is difficult. With the rise of information technology, the ways in which trust can be broken, intentionally or unintentionally, have multiplied and become more complex. Vendor security assessment questionnaires are one method to verify that service providers follow appropriate information security practices so your business can weigh the risk of entrusting them with your data.

Vendor risk scoring is a practice that has emerged to address the complexity of vendor management by assigning vendors a single score– typically a number or letter grade– to facilitate comparison between vendors and portfolios. The past decades of digital transformation have provided both the need for innovative IT security hygiene assessment techniques and the technological capabilities to gather and analyze the data necessary to give those risk scores predictive power.

At Lookout, our mission has always been to make the mobile experience as secure as possible for customers. We’re proud to collaborate with AT&T to power and deliver the AT&T Mobile Security solution.

With all the email, documents, Slack messages, and other artifacts that come through my purview each day, I think the language gods will forgive me for a few typos. But I would hate to think that a keystroke error could result in an irrecoverable breach of my company’s most private data. Seems a bit dramatic, no? According to a recent Forbes article, Dropbox users face this very issue when sharing sensitive data.

We recently carried out a survey of 200 UK enterprises across e-Commerce, financial services, entertainment and travel. Amongst our objectives, we wanted to discover the state of bot attacks in the surveyed industries. We now know that many businesses use some sort of bot mitigation, and the few that don’t are in the process of doing so. In part 2 of our blog series, we find out which bot attacks represent the greatest risk to businesses.

Because of additional regulations and standards pertaining to information security, including Payment Card Industry Data Security Standard (PCI-DSS), the General Data Protection Regulation (GDPR), Sarbanes-Oxley (SOX), the Health Insurance Portability and Accountability Act (HIPAA), California Consumer Privacy Act (CCPA) and ISO 27001, organizations are putting more emphasis on compliance as well as the auditing of their cybersecurity policies and cybersecurity controls.

The Internet of Things (IoT) is a term used to describe a system of interconnected computing devices that use the internet to send and receive data without requiring human to computer or human to human coordination. The world of IoT encompasses a wide variety of technologies, vendors, and connectivity methods. While cameras, smart kitchen appliances and smart locks often come to mind, IoT devices are prevalent in all industries.

A friend contacted me the other day about a scam call purporting to come from Amazon’s customer support department. She wasn’t home at the time, so the scammer left a message stating that a charge of $749 appeared on her account. Of course, she didn’t actually order anything for that price, and, although she suspected it was a scam, something about it caught her attention, so she called the phone number displayed on her caller I.D.

Attackers were quick to exploit the COVID-19 pandemic, with coronavirus-themed phishing campaigns, Trojans delivering ransomware and backdoors, and other scams. Netskope Threat Labs have been keeping a close eye on the threat landscape and tracking COVID-related campaigns throughout this unprecedented time.