By now, many organizations have adopted the cloud in some way. We saw organizations moving whole servers over to the cloud at the beginning, but now we see small parts of a system being moved to the cloud and new cloud native offerings. We’ll use the analogies of Lincoln Logs and Legos to describe these deployment models.
Past and present employees of General Electric (GE) are learning that their sensitive information has been exposed by a data breach at a third-party service provider. Fortune 500 company GE says it was recently informed of a security breach at one of its partners, Canon Business Process Services.
As the Coronavirus (COVID-19) reality hits home, retail banks and credit unions all over the globe have been quick to respond to customer and employee safety concerns. In Canada last week, we witnessed the Big Six – Bank of Montreal, CIBC, National Bank of Canada, RBC, Scotiabank and TD – temporarily closing branches and encouraging customers to shift their interactions to ATMs, online and mobile banking channels.
The global corporate landscape is on the brink of a complete premises lockdown in light of the COVID-19 crisis. Service disruption is inevitable, and enterprises’ business continuity plans are being put to the test. Despite this challenge, it’s heartening to see companies across nations take quick steps to ensure the health and safety of their employees during these trying times.
A couple of years ago it felt like you couldn’t turn your head in any direction without seeing another headline about cryptomining and – its more evil sibling – cryptojacking. Countless websites were hijacked, and injected with cryptocurrency-mining code designed to exploit the resources of visiting computers. Victims included the likes of the LA Times, and political fact-checking website Politifact.
When China built an entire emergency hospital in a matter of days in Wuhan – a city about the size of NYC that most of us had never heard of – the world was watching with concern, but somehow still expected and hoped that the crisis would somehow remain contained to China, or at least Asia. People in Europe and the U.S.
We have seen great strides in improving security tooling and processes over the past ten years. Via constantly maturing security models, security teams have become increasingly dependent upon an ever-more complex toolchain of products and services. But what happens when these systems fail. How much effort are we putting into planning and maintaining our security solutions to ensure they’re available when issues occur?
With more and more endpoints accessing your network remotely, you should expect rapid increases in VPN connections and usage, as well as exponential usage of cloud-based services. There are numerous Splunk apps that can help you increase the monitoring of remote endpoints but let’s showcase Splunk Security Essentials (SSE).
Attackers are increasingly exploiting the fact that email gateways turn a blind eye to links to popular sites such as YouTube, in order to phish passwords from unsuspecting computer users. Researcher Ashley Trans of Cofense highlighted the threat in a blog post describing a recent phishing campaign. In the attack, an unsuspecting user receives an email which purports to come from SharePoint, claiming that a new file has been uploaded to his company’s SharePoint site.
We’re pleased to announce the debut of ManageEngine Application Control Plus, an application whitelisting, blacklisting, and privilege management solution. IT operations could come to a standstill if applications suddenly ceased to exist, but applications can be considered double-edged swords. As important as applications are, they also form the largest threat vectors in any network.
