Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Why VPNs on mobile devices are a crucial part of securing access to corporate data

Securing access to business resources has always been of high priority for admins and IT teams. In the wake of the pandemic, workforces are more distributed than ever before, and 76 percent of global office workers state that they would like to work from home even when the pandemic is over.

Adopting a BYOD policy amid the COVID-19 era

In the midst of the COVID-19 pandemic, even companies that had said no to BYOD have come to terms with it, as a fair share of remote work would not even be possible without such a policy. Pandemic or no pandemic, on-the-go data access has always enabled employees to get work done quickly and efficiently. It guarantees better communication with colleagues, improves customer service, and device familiarity brings employee satisfaction and increased productivity.

How to secure your network from a Ryuk ransomware attack

Universal Health Services (UHS), a Fortune 500 company and healthcare services provider, has reportedly shut down systems at facilities throughout the United States after the Ryuk ransomware hit its network on September 27, according to an article on the Health IT Security website. What is Ryuk ransomware? Ryuk is a sophisticated ransomware threat that targets businesses, hospitals, and government institutions across the world.

IT security under attack blog series: Instant domain persistence by registering a rogue domain controller

In this blog in the IT security under attack series, we will learn about an advanced Active Directory (AD) domain controller (DC) attack to obtain persistence in AD environments. Dubbed DCShadow, this is a late-stage kill chain attack that allows a threat actor with admin (domain or enterprise admin) credentials to leverage the replication mechanism in AD to register a rogue domain controller in order to inject backdoor changes to an AD domain.

Five worthy reads: The rise in credential stuffing attacks

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week we explore how credential stuffing attacks are evolving and why they pose a greater threat than meets the eye. Credential stuffing is perhaps the simplest form of cyberattack, but it continues to make headlines despite its lack of sophistication. It has become the attack method of choice for cybercriminals primarily because of its high success rate and ROI.

5 user behavioral patterns to look out for in a decentralized workspace

Problem: If there are thousands of employees scattered around hundreds of places, how do you keep your organization’s network safe? Solution: You should monitor your employees wherever they’re located, and devise a standard baseline of their behavior through machine learning techniques. By using that information, you can identify anomalies and protect your network from cyberattacks.

CybersecAsia Awards 2020 recognizes ManageEngine for its leadership in cybersecurity

ManageEngine’s Log360 was recently honored with the CybersecAsia Award for the Best User and Entity Behavior Analytics software application. The award certifies the important role, and the innovative technology brought to the table by Log360 over the past two years. Elevated cybersecurity risks currently experienced by organizations have driven the sudden adoption of the cloud and increased workforce mobility.

Port scanner 101: What it is and why should you use it

In today’s complex network infrastructure comprised of diverse resources, devices, and users, port scans represent a significant amount of network traffic. Crackers and hackers alike use port scanners to discover port vulnerabilities that can become attack vectors to malicious outcomes. In this post, we discuss the fundamentals of port scanning, and why you need to deploy an effective port scanner software on your network right now.

Alert AA20-302A: Federal agencies warn about ransomware attacks targeting hospitals

A cybersecurity bulletin was released by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) on October 28, 2020. The three agencies have issued a high-level warning about an increased, imminent threat of ransomware attacks in the healthcare sector. The cybercriminal group behind the TrickBot, Ryuk, and BazarLoader malware is now targeting U.S. hospitals and healthcare providers.

Tackling your network security challenges using ManageEngine ITOM solutions

Network security management typically entails end-to-end management of the entire network security infrastructure of an enterprise. However, in this rapidly changing security ecosystem, there’s an inherent need for IT admins to be extremely agile to maintain an effective security posture.