The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) have recently published a joint advisory providing details on the top 30 vulnerabilities routinely exploited by malicious cyber actors in 2020 and those widely exploited in 2021 so far.
Best practices for securing an AWS environment have been well-documented and generally accepted, such as AWS’s guidance. However, organizations may still find it challenging on how to begin applying this guidance to their specific environments. In this blog series, we’ll analyze anonymized data from Netskope customers that include security settings of 650,000 entities from 1,143 AWS accounts across several hundred organizations.
In July of 2021, a new ransomware named BlackMatter emerged and was being advertised in web forums where the group was searching for compromised networks from companies with revenues of $100 million or more per year. Although they are not advertising as a Ransomware-as-a-Service (RaaS), the fact they are looking for “partners” is an indication that they are operating in this model.
The shift to remote and hybrid work at scale has created unprecedented demand for our cloud-delivered Zero Trust Network Access(ZTNA) solution, Netskope Private Access(NPA). This is no surprise.
During this past year, organizations have moved towards the adoption of SaaS (software-as-a-service) applications like Microsoft O365, Salesforce, and GitHub at a more rapid pace than originally planned to help accommodate and facilitate the many employees that became remote workers, needing access to cloud applications from anywhere.
Change is the only constant and this is especially apparent for the firewall space, as we’ve seen with branch office transformation and users continuing to work remotely. Secure Access Service Edge (SASE) architecture, when properly designed, puts the user in the center with cloud edge security services protecting them, their data, and the apps and websites they use every day, on either company or personal instances.
There is the marketing of secure access service edge (SASE), and then there is the actual integration of key capabilities that provide the benefits of less complexity, consolidation, and lower cost of operations a properly implemented SASE architecture provides.
This blog series expands upon a presentation given at DEF CON 29 on August 7, 2021. In Part 1 of this series, we provided an overview of OAuth 2.0 and two of its authorization flows, the authorization code grant and the device authorization grant. In Part 2 of this series, we described how a phishing attack could be carried out by exploiting the device authorization grant flow.
LockBit Ransomware(a.k.a. ABCD) is yet another ransomware group operating in the RaaS(Ransomware-as-a-Service) model, following the same architecture as other major threat groups, like REvil. This threat emerged in September 2019 and is still being improved by its creators. In June 2021, the LockBit group announced the release of LockBit 2.0, which included a new website hosted on the deep web, as well as a new feature to encrypt Windows domains using group policy.
The need for “Zero Trust” today is no longer the same as what we talked about years ago when the term was first coined. Back then, businesses only had a handful of remote workers signing in to the corporate network. The common wisdom of the day dictated that you couldn’t implicitly trust the authentication of those remote users any longer because they weren’t on the company LAN and the common solution was installing two-factor authentication.
