Ransomware - Still Going Strong and No End in Sight Preventing ransomware attacks is top of mind for everyone from IT admins, CISOs, CEOs to governments. And while it’s not a new problem, an unrelenting series of successful and devastating ransomware attacks has refocused the world’s attention on it. Simultaneously, threat actors only grow more sophisticated by the day, making it [...]
Robust, old, and essential — legacy systems are impossible to avoid. Whether they are COBOL-based banking applications or retail software used in old sales terminals, on-premises legacy systems are both a crucial part of countless enterprise IT operations and a significant cybersecurity weakness. The size and age of on-premises legacy systems make them hard to patch and update. Moreover, their inherent [...]
Any way you look at it, 2020 was a crazy year. From the coronavirus outbreak to the U.S. presidential elections, the year held many eccentricities. And prowling behind the many changes that overcame our lives were new trends of cyberattacks and security threats, often backed by nation-state actors. In the tense political and economic climate, state-backed actors used every possible means [...]
The cybersecurity threat level has risen at such unprecedented rates during the COVID-19 pandemic that Risk Based Security declared 2020 “the worst year on record” even before it was over. While every breach is different, infiltrated organizations tend to share weaknesses. These are often related to low awareness, using outdated software, and perhaps most commonly vulnerable access control methods, as the [...]
The passwordless authentication market is fast-growing, and it is becoming increasingly affordable and easy to deploy identity access management that do away with passwords. But with so many providers and technologies, how do you make sure to choose the right solution for your enterprise? Recently, Aite Group, a business and technology advisory with offices in U.S. and UK, selected Secret Double [...]
With the FBI reporting an over 400% increase in the level of cybercrime in 2020 and the year ending with a massive government data breach, 2020 has brought cybersecurity to the forefront of most people's minds. However, while this year saw cybersecurity become a key operational priority for the majority of businesses, effective cybersecurity technologies and solutions will remain vital in [...]
User-Managed Passwords are a Massive Threat to Public Infrastructure With this year’s World Password Day upon us, it’s high time to take a good look at the critical infrastructure sector and the password-related security vulnerabilities that are in dire need of updating. While modern utility systems become increasingly digitally connected, cyber criminals and the threat landscape are growing in sophistication. While [...]
Every year, billions of personal and corporate accounts get hacked. And every year, organizations respond in the same way: Enforcing stricter password policies. The result? A false sense of accomplishment and a short-lived boost to security, followed by a return to the usual: insecure passwords and, of course, more compromised accounts. In this post, we will examine why password policies are [...]
2020 was a year of accelerated digital transformation with Covid-10 related lockdowns pushing pre-existing trends into overdrive. We saw more quantum leaps in cloud adoption, remote work, and digital transformation in a single year than we saw in a decade. Naturally, this shakeup has caused a near-perfect storm in the world of cybersecurity. Threat actors have, by extension, expanded their hunting [...]
Just when we thought 2020 couldn’t get worse, security firm Mandiant FireEye broke the news that a vulnerability in the software of IT solutions provider SolarWinds had resulted in a massive security breach across the public and private sector, targeting dozens of companies and government agencies, including the U.S. Departments of Commerce, Treasury, Justice, Defense, and the Center for Disease Control. [...]
Government contracts can be very attractive for organizations of any size. A testament to the fact is the fierce competition between large tech companies to win the bid for the Department of Defense’s (DoD) JEDI project, worth over $10 billion. But public sector contracts have their own set of caveats and sensibilities, and not taking them into consideration can land an [...]
Corporate credentials for sale in the dark web: how to protect your users and data Passwords of corporate employees are valuable. However, despite organizations’ best efforts to protect their systems, user credentials keep ending up on the Dark Web forums for sale. Credentials are targeted in a wide range of attacks, from simple phishing to complicated brute-force attacks. Every year brings [...]
Settling back into work after the holiday season is a challenge for any employee. However, for IT professionals, the new year can be an incredibly stressful time. As employees return to work, they inevitably subject help desks with a barrage of new support tickets while simultaneously opening up potential cybersecurity weaknesses. In 2021, this scenario is likely to be compounded by [...]
