Web applications are continuously evolving due to the hyper-velocity of code changes and a stream of new features and functionality, leaving businesses exposed to application security risks. A new wave of automated pen testing, delivered through a software-as-a-service model, can help reduce this risk by providing automated vulnerability findings in real time.
As a former systems and network administrator, I understand the demands that are placed on today’s IT professionals. It’s true that the skills gap continues to hamper IT and security personnel, for example. In early 2020, Tripwire revealed the results of a survey in which 83% of security professionals noted that they felt more overworked going into that year than they did at the start of 2019.
Guessing how many marbles are in a jar is either a fun carnival game (pick the average based on the wisdom of the crowd) or a math problem involving orb volume, cylinder volume and the estimated space between marbles. You can also just count the marbles. Unfortunately, when it comes to identifying the number of devices connected to your network, none of these approaches works – although quasi-manual counting remains all too common.
We’ve seen a massive increase in the number of open source packages created and used in the wild during the past few years. These days every ecosystem has its package manager, and almost every package manager has its hidden gems and configurations. That said, as developers continuously install an ever-expanding number of packages, attackers gain interest in the packages’ attack surfaces. Then, the journey to craft the perfectly hidden malicious package begins.
The cyber risk landscape changes quickly. In the last few years we’ve seen a rise in the number of ransomware attacks, and the end of 2021 was marked by the Log4j vulnerability. As data stacks get bigger and more difficult to defend, you may be wondering what threats are on the horizon in 2022. Based on what we’ve seen so far, the coming year’s risks are likely to be fairly familiar.
Egnyte is excited to share a number of improvements that were made to the platform this month, including added secure sharing capabilities, an expansion of supported preview file types, and more governance features for administrators.
Given that active cyber warfare has broken out alongside Russia’s active invasion of Ukraine - from Russian wiper malware to Anonymous hacking Russian state TV - CISA’s recent “Shields Up” memo is a timely insight into some of the TTPs defenders of critical infrastructure should be keeping an eye out for. Let’s break down the four key areas outlined in the memo and examine ways they can be detected with network data.
Cornwall Council is warning residents about a new scam that is making the rounds via text message. Fraudsters are sending scam messages that appear to be from Cornwall Council, telling people that they need to isolate themselves due to being in contact with those with COVID-19. They are being asked to click on a link for more information and to book a test. The text is being sent from mobile phone numbers, so it’s important to be wary of any links you receive from unknown senders.