Here are three examples that are worth your attention. Oh, what could have been avoided.
|
By Vincent Saporito
Over the past three years, the second Tuesday of each month has turned into a hectic period of planning and remediation, driven by a 25% average annual growth rate in CVEs. Just last Tuesday, Microsoft revealed a critical TCP/IP remote code execution (RCE) vulnerability in the IPv6 stack, which has a CVSS score of 9.8 due to its criticality and ease of exploitation. For a more in-depth look, we recommend these resources.
|
By Rik Ferguson
In a never-ending effort to do their job and secure their environments, cybersecurity teams often bear the brunt of negative perceptions, labelled as the department of ‘No.’ “No” to admin privileges, “No” to personal devices, and “No” to connecting unapproved technologies. These repeated denials, although done with the best intentions, can stifle innovation and create frustration within organizations. This perception needs to change.
|
By Don Sears
This week, the National Institute for Standards and Technology (NIST) released “Implementing a Zero Trust Architecture (NIST SP 1800-35)” for public comment. The guide is written by NIST’s National Cybersecurity Center of Excellence (NCCoE) in collaboration with 24 cybersecurity companies. Now in its fourth draft, NCCoE has opened up comments for this Zero Trust Architecture (ZTA) guide through Sept. 30, 2024, as part of a 60-day review cycle.
The current state of OT/IOT security is being repainted with a new coat of risk. The shade of color? Cellular routers and the vulnerabilities within firmware. In our new report with Finite State, our joint research explores the risks organizations face within the software supply chains of OT/IoT routers. Hardware has firmware – operational software – within its memory components.
In the last few weeks, there have been a few announcements made about a new malware threat known as FrostyGoop or BUSTLEBERM (as it was originally tracked by Mandiant). It is being recognized as the first custom malware to integrate Modbus for the purpose of causing physical damage. An associated incident has been reported where the malware was used to disrupt heating in Ukrainian homes in the context of a Russian cyberattack.
|
By Daniel dos Santos
Ransomware risk is top of mind for citizens and CISOs alike. From the board room to the room known as the ‘SOC’, everyone is feeling the pain of disruption. Being locked out of a system and forced back to pen and paper is shocking to our working lives. Too often, it is delaying a much-needed surgery or forcing manual intervention where a digital avenue was easy and efficient. But the effects of ransomware don’t appear to be going anywhere soon.
|
By Michael Bacon
No one feels the pain of ransomware and other disruptive and costly digital cybersecurity attacks more than the people managing the day-to-day in your SOC (Security Operations Center). At 13 attacks every second in 2023, cybercriminals, fraudsters and nation-state hacktivists are overwhelming SOC analysts. Nearly two-thirds (63%) of SOC analysts report the size of the attack surface has increased. At the same time, CISOs and SOC managers are struggling to handle on-the-job analyst burnout and turnover.
Wipers are malware that delete data on a device or make it inaccessible. They can be used for sabotage, to destroy evidence of an attack or simply to make a device unusable. IoT wipers often rewrite important parts of the firmware of an IoT device, rendering that device useless, so they are also known as “brickers”. Recent notorious examples of IoT wipers are AcidRain which was used by a Russian APT to brick satellite modems in Europe at the outset of the Russian invasion of Ukraine in 2022.
|
By Rhonda Holloway
Network Access Control (NAC) has undergone significant advancements since the beginning, continuously adapting for cybersecurity threats and technological innovation. As organizations embrace BYOD (Bring Your Own Device) and IoT/OT (Internet of Things/Operational Technology), vendors have transformed traditional NAC solutions to meet these new demands while maintaining a balance between usability and security.
|
By Forescout
#DidYouKnow — Generative AI has taken the world by storm. At Forescout we've also embraced generative AI, but not in the way you would expect. Justin Foster, our CTO, takes us through how we are embracing generative AI and what the future of security can look like.
|
By Forescout
Between 2023 and 2024, Chinese-made IoT devices in US networks grew by over 40%, as reported in our recent Forescout Research — Vedere Labs report. Why have banned Chinese-devices grown over the last year in the US and in other regions? In this video, Elisa Costante, our VP of Research, and Rik Ferguson, our VP of Security Intelligence, explore this question in detail.
|
By Forescout
Forescout eyeInspect provides you asset intelligence, security and threat detection, giving you the power to protect your most critical infrastructure. See it in action!
|
By Forescout
#DidYouKnow? Rogue devices are a serious threat to your network! It doesn't matter if it's an unauthorized game console an employee added, or hacker plugging into an exposed ethernet port.
|
By Forescout
Manage risks. Contain events. Mitigate threats. The Forescout Platform continuously identifies, protects and ensures the compliance of all managed and unmanaged cyber assets – IT, IoT, IoMT and OT – without business disruption. It delivers comprehensive capabilities for network security, risk and exposure management, and extended detection and response. With seamless context sharing and workflow orchestration via ecosystem partners, it enables you to more effectively manage cyber risk and mitigate threats.
|
By Forescout
Continuously identify, protect and ensure the compliance of all cyber assets across your organization.
|
By Forescout
#DidYouKnow Operational Technology (OT) is now HIGHLY connected 🔗, but can't be secured in the same way as IT?
|
By Forescout
#DidYouKnow? The first step in cyber security is knowing WHAT you are securing! Forescout shows you every asset… what is it, who owns it, where it is and when it connected to your network.
|
By Forescout
DidYouKnow? #Forescout shines a light on your complex networks! 🔦 What do you do when the amount of unmanageable devices exceed the number of managed devices? Our CTO, Justin Foster, how we bring the light to the deepest darkest corners of your network and brings visibility and control.
|
By Forescout
The IT landscape is rapidly evolving to meet the demands of our digitally transforming world and a radically changed business environment that calls for always-on performance and agility at scale. As a result, client-server computing has given way to disruptive IT architectures that reshape business and ownership models. These include private and public cloud services, 'bring your own device' (BYOD), mobility and the Internet of Things (IoT).
The NERC CIP standards are a set of mandatory requirements for North America's bulk electric system.
|
By Forescout
They are designed to secure the assets of these essential services. There are 11 standards in total, covering everything from the protection of critical cyber assets to security management, personnel & training, incident reporting, and recovery planning. In this free eBook we explore how the continuous network monitoring capabilities of eyeInspect can streamline your compliance with these NERC CIP standards, saving you considerable time and money.
|
By Forescout
That's because perimeter-focused security architectures that default to high trust levels on the internal network are ill-suited for an edgeless enterprise that increasingly supports mobile and remote workers as well as vast numbers of IoT devices. This Forescout white paper explains why visibility is essential for effective Zero Trust architecture and how continuous visibility can help you identify, segment and enforce compliance using Zero Trust principles. It also addresses foundational capabilities Forrester Research requires to designate solutions as a Zero Trust platform.
|
By Forescout
With a staggering majority of devices - expected to reach more than 75 billion by 2025 - connected to vast networks and the internet, reducing cyber risk becomes a critical focal point for the age of IoT.
|
By Forescout
The diverse and complex nature of IIoT and OT security use cases can make the technology selection difficult, and unfortunately, copying IT security practices and technology will not result in a secure OT environment. To achieve lasting success with OT cybersecurity investments, managers must ask prescriptive questions during the technology procurement process. In this eBook, we discuss the seven questions recommended by Gartner for SRM leaders to ask during their OT security technology selection and how Forescout answers them.
|
By Forescout
The drive to increase productivity and reduce costs in manufacturing environments has led to an exponential increase in the adoption of automation on plant floors, also known as Industry 4.0. If your organization has integrated its computation, networking and physical processes, this whitepaper will explain how deploying network monitoring technology will bring tremendous value to both your IT and OT teams.
- September 2024 (1)
- August 2024 (5)
- July 2024 (7)
- June 2024 (4)
- May 2024 (9)
- April 2024 (5)
- March 2024 (5)
- February 2024 (4)
- January 2024 (4)
- December 2023 (2)
- November 2023 (2)
- October 2023 (2)
- September 2023 (6)
- August 2023 (2)
- July 2023 (3)
- June 2023 (5)
- May 2023 (4)
- April 2023 (2)
- March 2023 (6)
- February 2023 (2)
- January 2023 (2)
- December 2022 (5)
- November 2022 (4)
- October 2022 (10)
- September 2022 (7)
- August 2022 (5)
- July 2022 (1)
- June 2022 (8)
- May 2022 (4)
- April 2022 (9)
- March 2022 (2)
- February 2022 (5)
- December 2021 (14)
- November 2021 (6)
- October 2021 (4)
- September 2021 (2)
- May 2021 (2)
- April 2021 (1)
- February 2021 (2)
- January 2021 (1)
- December 2020 (2)
- November 2020 (4)
With so many agentless devices being deployed every day, it’s never been harder to protect your network from threats. Forescout delivers actionable information so you can see the devices on your network and take action to prevent them from compromising your enterprise.
Forescout Technologies, Inc. actively defends the Enterprise of Things by identifying, segmenting and enforcing compliance of every connected thing. Fortune 1000 companies trust Forescout as it provides the most widely deployed, enterprise-class platform at scale across IT, IoT, and OT managed and unmanaged devices.
Forescout arms customers with more device intelligence than any other company in the world, allowing organizations across every industry to accurately classify risk, detect anomalies and quickly remediate cyberthreats without disruption of critical business assets. Don’t just see it. Secure it.
See Every Device. Defend Your Entire Network.