Today, Forrester released The Forrester Wave™: Zero Trust Edge Solutions, Q3 2023 Report. Zero Trust Edge (ZTE) is Forrester’s name for SASE. We were delighted to be described as the “poster child” of ZTE and SASE and be named a “Leader” in the report.
Hello Teleport Community, Our team has just returned from Hacker Summer Camp (bSides Las Vegas, Blackhat and DEFCON). I met many customers, OSS users, hackers and security engineers at bSides. I had lots of great conversations at the bSides, and it was good to chat with both red and blue teams. This month’s newsletter is a review of some of my conversations from the week.
Cloud takeover campaign targets top-level executives, Rhysida ransomware threatens the healthcare sector, and LOLKEK ransomware continues to evolve.
On April 21st, 2023, AT&T Managed Extended Detection and Response (MXDR) investigated an attempted ransomware attack on one of our clients, a home improvement business. The investigation revealed the attacker used AuKill malware on the client's print server to disable the server's installed EDR solution, SentinelOne, by brute forcing an administrator account and downgrading a driver to a vulnerable version.
AT&T Alien Labs researchers recently discovered a massive campaign of threats delivering a proxy server application to Windows machines. A company is charging for proxy service on traffic that goes through those machines. This is a continuation of research described in our blog on Mac systems turned into proxy exit nodes by AdLoad.
From ChatGPT to DALL-E to Grammarly, there are countless ways to leverage generative AI (GenAI) to simplify everyday life. Whether you’re looking to cut down on busywork, create stunning visual content, or compose impeccable emails, GenAI’s got you covered—however, it’s vital to keep a close eye on your sensitive data at all times.
The past three months witnessed several notable changes impacting privacy obligations for businesses. Coming into the second quarter of 2023, the privacy space was poised for action. In the US, state lawmakers worked to push through comprehensive privacy legislation on an unprecedented scale, we saw a major focus on children's data and health data as areas of concern, and AI regulation took center stage as we examined the intersection of data privacy and AI growth.
According to the Cyber Security Skills in the UK Labour Market 2023 report released by the UK government, 50% of UK businesses face a fundamental cyber security skills gap, while 33% grapple with an advanced skills gap. This is just one of the challenges that the Chief Information Security Officer (CISO) must face. While these figures remain similar to 2022 and 2021, it's evident that there's still work to be done to bridge the expertise divide.
Penetration testing is an important component of the security strategy of any organisation. A well-conducted pen test can help IT teams ensure that their defences are up to par and are capable of protecting businesses and organisations against cyber security attacks.
In today’s age of rapidly increasing data collection, data privacy laws are becoming more prevalent than ever. The EU’s General Data Protection Regulation (GDPR) is considered the worldwide benchmark of data privacy law. While many countries have followed similar regulations, the United States does not have a GDPR equivalent. Instead of national standards and regulations, individual states pass their own privacy laws.
