Data security is a never-ending challenge. On one hand, IT organizations are
required to keep up with regulations and protect intellectual property from
targeted attacks and accidental exposure. On the other, they must adapt to
macro IT movements, such as the adoption of cloud applications, hybrid...
Unrivaled visibility into early activity on
users’ computers prevents data theft
and loss by hijacked systems, rogue
insiders, or negligent end users.
Forcepoint Insider Threat has been identifying
and stopping threats from within for
government and Fortune 100 customers for
more than 15 years. With more than...
Driving Office 365 adoption is an important goal 87% of IT professionals say it's a top priority. Yet few have fully migrated their users and apps due to concerns around security, compliance, and poor user experience caused by network architecture limitations and constraints.
Forcepoint's Office 365 solution can...
In a business world without perimeters and dominated by remote work, finding a balance between easy collaboration and data security can be challenging. Users and data are operating outside of traditional IT defenses that implicitly trust people who are inside of their network. With a mantra of “Never Trust, Always...
One of the biggest trends in 2020 was the rise of complex, multi-staged cyberattacks. These attacks used new delivery mechanisms - like macros and other legitimate app functionality - to evade detection by antivirus software, hide data exfiltration actions (e.g., steganography), and coordinate multi-staged maneuvers...
In 2020, the pandemic tremendously impacted public-sector organisations all over the world. As every public-facing service organisation was forced to start pivoting to digital alternatives from the traditional “in-person & paper” model, a new set of challenges were created.
The digital transformation taking...
Love it or hate it, email remains an essential business and productivity tool. Many organizations have now migrated to cloud-based Office 365 email for their employees. But while cloud-based approaches offer easier procurement, manageability and better cost savings, certain email facts of life won't change.
Moving...
Threat detection and response is a core component of modern security programs, driving investment in tools to improve visibility, efficacy,
and efficiency. As organizations commit to and extend EDR, NDR, or other security analytics solutions in support of broad threat detection
and response programs, new...
Advanced attackers can evade detection by stealing credentials and masquerading as legitimate users. In response, security teams today must deploy multiple – often siloed – detection and response tools.
The problem is that each tool only provides a narrow view of one data source, forcing analysts to manually...
Security teams face a dizzying array of threats, from ransomware and
cyberespionage to fileless attacks and damaging data breaches. However,
the biggest headache for many security analysts is not the endless number
of risks that dominate news headlines, but rather the repetitive tasks they
must perform every day...
Protecting your endpoints requires a much more holistic approach than simply blocking known
malware. Adversaries today create countless variants of malware and use obfuscation techniques
to evade signature detection.
They can turn your own resources against you, converting legitimate
endpoint applications into...
Love it or hate it, email remains an essential business and productivity tool. Many organizations have now migrated to cloud-based Office 365 email for their employees. But while cloud-based approaches offer easier procurement, manageability and better cost savings, certain email facts of life won't change.
Moving...
Criminals continue to target on-premises Microsoft Exchange servers that have not yet been updated with four critical patches, including for a ProxyLogon flaw, which is now being targeted by Black Kingdom ransomware. One expert describes the attack code as being "rudimentary and amateurish" but still a threat.
There has been a spike in web shells being detected as ransomware gangs and other attackers increasingly target vulnerable on-premises Microsoft Exchange servers following publication of proof-of-concept attack code for ProxyLogon, which is one of four zero-day flaws patched by Microsoft in early March.
This edition of the ISMG Security Report features an analysis of the Microsoft Exchange on-premises server hacks – from who might have leaked the vulnerability exploits to how ransomware gangs are taking advantage of the flaws. Also featured: Tackling the cybercrime business model; assessing "zero trust."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.