Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When it comes to insider threats and cybersecurity in general, experts often discuss how to practice policies of containment, and use these to mitigate threats. One fundamental way to do this is through the process of network segmentation.

Virtual private networks (VPNs) were introduced roughly two decades ago with the idea that creating an encrypted tunnel directly from a computer device to a network would provide secure access to company resources and communications from remote locations. VPN performance was notoriously sluggish, and they were difficult and time consuming for IT to administer, but at least the appliances were secure. Or so people thought.

On March 29, researchers from two security companies identified an active campaign originating from a modified version of a legitimate, signed application: 3CXDesktopApp, a popular voice and video conferencing software. 3CXDesktopApp is developed by 3CX, a business communications software company. According to its website, 3CX has 600,000 client organizations and 12 million daily users.

There are never enough hours in the day to do everything. I think we all have a to-do list that is at least twice as long as the time available to complete it. To cope, we prioritize what’s “on fire” or what has the most potential to immediately cause damage if it’s not taken care of. Often the things we “should” focus on fall to the wayside as they are outshined by what we must do immediately.

Digital and cloud transformation has unlocked new business opportunities and operational efficiencies for organisations. But migration to the cloud also means our approach to deploying applications and services has radically changed, as enterprises move away from traditional data centres. Likewise, flexible working means users have also moved away from traditional offices and branches.

As part of our recently released 2022 Threat Roundup report, Forescout Vedere Labs described how the Mirai IoT botnet continues to evolve via new variants and adaptations, such as Gafgyt and RapperBot, more than six years after it started taking over IoT devices and had its source code leaked.

A Web Application Firewall (WAF) is a security solution designed to protect web applications from various attacks, including SQL injection, cross-site scripting (XSS), and others. There are two types of WAF: on-premise and cloud-based.

Defining and implementing a network microsegmentation strategy is paramount to securing the network and protecting assets. However, it’s also a time-consuming and resource-intensive endeavor. This means it’s vital that enterprises are confident that their zone-to-zone security policy is functioning as intended.