In the light of this week’s news of a major breach of a Healthcare provider’s systems which resulted in the theft of patients’ personal details, Tripwire has issued an alert outlining how to create custom Tripwire IP360 rules to detect known versions of the malware used.
The official blog from Satisnet Ltd
Most people are aware of what cloud computing has to offer, and the fact that scales easily and it provides access to data anytime and from anywhere. But how does it apply to Shavlik products? How are Shavlik products taking advantage of cloud computing in order to provide benefits to the customer?
FireEye reports that Advanced Persistent Threat (APT) groups are targeting the pharmaceutical industry, compromising systems and stealing vital information, and perhaps putting lives at risk. Recent reports of theft of personal data of healthcare providers’ patients reinforces FireEye’s belief that the industry is a goldmine for APT actors.
Recent high-profile zero-day vulnerabilities (e.g. Heartbleed) have grabbed a lot of media attention and caused IT departments to commit resources to dealing with them. While this is understandable, it has meant that organisations are being left open to increased risk.
Gartner has named Sophos in its Leaders Quadrant in the Gartner Magic Quadrant for Unified Threat Management for the third year in a row. The Magic Quadrant is based on an assessment of a company’s ability to execute and completeness of vision. In the past year Sophos released our SG Series appliances, their fastest ever UTM devices, and has achieved impressive growth in the market.
The phrase “Shadow IT” is becoming increasingly popular and refers to SaaS products and services used by employees without the knowledge or approval of the IT department. These services include business productivity, social media, file sharing, storage and backup. Frost & Sullivan recently surveyed line of business (LOB) and IT managers, and 80% of respondents admitted using non-approved SaaS applications for their work.
VMTurbo recently commissioned TechValidate, a trusted authority for creating customer evidence content, to survey their customer base. The firm contacted over 150 customers thorough the world across a variety of industries and asked them about the challenges they solved with VMTurbo, how this complements other tools in their virtual datacenters, and their overall perception of the value provided.
Thycotic has published a useful ‘Getting Started Guide’ for anyone who uses their Secret Server enterprise password management tool to store, distribute, monitor and update privileged and shared accounts. The company is encouraging the sharing of their blog post with your non-IT teams, including Marketing, Human Resources and Finance, to help them get started with Secret Server.
Tenable has released an update to SecurityCenter CV’s Log Correlation Engine, making it easier to integrate Continuous Monitoring in your IT infrastructure. The company recommends that customers of these products consider upgrading to take advantage of the new self-monitoring and enhanced integration features in this release.
If your organisation is anything like the majority, your enterprise data is being stored in a multitude of different locations, both on-premise and in the cloud, including some places you may not even be aware of. Employes are taking it upon themselves to use cloud services and are struggling to find the information they need when they need it.
Adobe has issued an urgent warning to Windows users to update their installations of Adobe Reader and Acrobat, after it was discovered that a critical vulnerability allowing circumvention of sandbox protection on the Windows platform is being exploited by attackers.
The media frenzy this week about a Russian cyber gang amassing 1.2 billion user credentials including emails and passwords hasn’t been helped by the fact that the security firm behind the revelations, Hold Security, seems to be holding back the details for financial gain by offering breach notification services to businesses starting at $120 per year.
Microsoft has announced in a blog post that it will cease to support version 8 of its Internet Explorer web browser in January 2016 and is encouraging its users to upgrade, primarily for security reasons. Furthermore, the company has also said that after this date, only the most recent version of Internet Explorer available for a supported operating system will receive technical support and security updates.
Cloud applications with sensitive data stored in the cloud are widely prevalent. “Shadow IT”, including Gmail, DropBox, Webex and many other cloud services are used both formally and covertly in most organisations today, a fact which brings serious security concern for IT and compliance professionals. These services can expose corporate data and offer hackers a single, high value target that invites watering-hole type attacks.
A new study has revealed that U.S. companies of all sizes are having difficulty managing their mobile deployments and realising all the benefits of mobility promised by BYOD enthusiasts. CompTIA, a non-profit trade organisation for the IT industry, surveyed 400 business and IT executives responsible for mobility policies and processes.
Sophos recently surveyed IT professionals and found that 51% of them are running a firewall that is three or more years old. That means they’re missing out on the latest functionality — from advanced threat protection, app control and branch office VPN, to mobile NAC, email and endpoint protection.
Following on from the report concerning the Russian hackers who stole over 1.2 billion passwords, the onus is very much on you to protect your databases. But if you have several different SIEM and monitoring programs fragmenting your time and security, you probably have too many logs to check and too little time.
A Russian criminal gang has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, the New York Times reports. The hackers are a group called CyberVors based in Russia and the records include confidential material gathered from 420,000 websites, ranging from small businesses all over the world to household names.