Attention CISOs: Get Answers to Your Top Questions

threatquotient logo 400x160At the helm of their security organization and often in the “hot seat”, CISOs can feel alone as they try to understand the rapidly evolving external threat landscape and focus on what truly matters. But they really aren’t alone. CISOs across organizations struggle with many of the same questions, including:

Weiterlesen

The Case for Cross-Training

Rangeforce Logo 400x160It’s long been said that it takes a thief to catch a thief. With cybercriminals continuing to evolve and develop an increasing specialization, can we then presume that the deeper each defenders’ knowledge grows across various cybersecurity skills, e.g., hacking, DoS attacks, SQLi, reverse engineering, threat hunting, and others, the better prepared your entire team will be to detect and contain future attacks quickly?

Weiterlesen

Okta’s Commitment to Social and Environmental Responsibility

okta logo 400 colorAt Okta, we live by our core values: love our customers, act with integrity, never stop innovating, be transparent, and empower our people. We put these into practice with our co-founder led weekly All Hands meetings and by giving back to our communities — we took the 1% Pledge prior to our IPO, offer frequent employee volunteering opportunities, and as the COVID-19 pandemic was unfolding, we devoted our resources to supporting those in need. We also made a swift decision to offer Okta for Emergency Remote Work to companies struggling to enable their teams to work from home. We put our values to work no matter what’s going on in the world and no matter what we’re working on. And now, we're taking the next step in putting these values to work with the launch of our environmental, social and governance (ESG) program.

Weiterlesen

Phishers Continue to Spoof WebEx

cofense logoLast month, the Cofense Phishing Defense Center (PDC) observed a new phishing trend wherein threat actors spoofed WebEx pages to harvest Office365 (O365) credentials. Since the posting of the original blog, the PDC has seen an increase in the number of similarly themed WebEx phishing attacks, yet another example of attackers leveraging the rapid shift to remote work in light of COVID-19 concerns. As many organizations and their workforce are increasingly dependent on remote working tools and solutions, reducing the attack surface (the number of different approaches a threat actor can use to enter or extract data) of such online platforms and services is becoming even more critical.

Weiterlesen

So hat das Coronavirus unsere Arbeitsweise beeinflusst

kasperskyCOVID-19 hat die Cyberbedrohungs-Landschaft der Unternehmen radikal verändert. Quarantänemaßnahmen haben eine große Anzahl von Menschen gezwungen, ihren gewohnten Arbeitsplatz ins Homeoffice zu verlagern. Um rechtzeitig auf diese Änderungen reagieren zu können, haben wir Expertenprognosen und -recherchen, sich ändernde Kundenanfragen und cyberkriminelle Aktivitäten sorgfältig untersucht. Was uns jedoch fehlte, war der Standpunkt eben dieser Mitarbeiter, die momentan von zu Hause arbeiten. Um also ein Gesamtbild zu erhalten, haben unsere Kollegen weltweit mehr als 6.000 Arbeiter befragt, um mehr über ihre Sichtweise und Perspektive zu erfahren. Die Ergebnisse möchten wir in diesem Blogbeitrag mit Ihnen teilen.

Weiterlesen

2020 GARTNER MARKET GUIDE FOR NPMD

ExtraHop logo 400x160kOver the past several years, network monitoring has gotten a lot trickier. Network packets are becoming increasingly difficult to collect, according to the Gartner Market Guide for Network Performance Monitoring and Diagnostics (NPMD). Cloud-native architectures are replacing hub-and-spoke network designs rapidly. Gone are the days when IT Ops and SecOps could simply leverage traditional network monitoring stacks to monitor traffic. Cloud speed, scale, and dynamism have put us in the middle of an information architecture revolution nearly as dramatic as the Tesla Model Y replacing the horse-and-buggy.

Weiterlesen

Von Security-Budgets über Personalmangel: Der Status Quo der IT-Sicherheit

 0000 drivelock logoCyberangriffe nehmen nicht nur zahlenmäßig, sondern auch in ihrer Raffinesse zu. Allerdings beeinträchtigt der IT-Fachkräftemangel viele Unternehmen bei der Umsetzung von IT-Sicherheitsmaßnahmen. Diese und weitere Erkenntnisse zum aktuellen Stand der IT-Sicherheit haben wir in einer Studie herausgefunden.

Weiterlesen

Targeted Attack Uses Fake EE Email to Deceive Users

cofense logoThe Cofense Phishing Defense Center (PDC) has discovered a spear-phishing campaign designed to defraud corporate executives’ payment details by spoofing EE, a well-known UK-based telecommunications and internet service provider.  These spear phishing messages were reported to the Cofense PDC by end users whose email environments are protected by Microsoft 365 EOP and Symantec. This new, targeted campaign shows that while exploiting well-known telecommunications brands is nothing new, such phishing emails continue to go undetected by popular email gateways designed to protect end users, leading to possible theft of prized corporate credentials

Weiterlesen

Group-IB uncovers PerSwaysion — sophisticated phishing campaign targeting executives worldwide

Group IB Logo 400x120Group-IB, a Singapore-based cybersecurity company, has identified a series of sophisticated successful phishing attacks against the management and executives of more than 150 companies around the world. The campaign, dubbed PerSwaysion due to the extensive abuse of Microsoft Sway, has been active since at least mid-2019 and was attributed to Vietnamese speaking developers and Nigerian operators. Сybercriminals behind the PerSwaysion campaign gained access to many confidential corporate MS Office365 emails of mainly financial service companies, law firms, and real estate groups. The PerSwaysion campaign proliferates with alarming rates by leveraging compromised accounts’ email data to select further targets who hold important roles in their companies and share business relations with the victims. Group-IB continues to work with the relevant parties in local countries to inform the affected companies of the breach. 

Weiterlesen

Sicherheitslücke iOS-App Mail: Worum geht’s? Was wird empfohlen? Und wie Sie mit SecurePIM sicher mobil arbeiten können

VirtualSolutions Logo 400x120Die Sicherheitslücke in der iOS-App Mail geht seit 23. April durch die Medien und hat für sehr viel Aufregung bei Sicherheitsbeauftragten und IT-Administratoren gesorgt. Das BSI schätzt die Sicherheitslücke als „besonders kritisch“ ein. Wir fassen für Sie kurz zusammen, um was es geht, welche Empfehlungen ausgesprochen wurden und warum unsere mobile Office-Lösung SecurePIM eine gute und vor allem sichere Alternative zur iOS-App Mail ist. 

Weiterlesen