New Intel CPU-level threat detection capabilities target ransomware
Detecting ransomware programs has never been easy, and attackers have always
found ways to evade security products. The sophisticated groups that use
manual hacking and perform months-long reconnaissance and lateral movement
inside corporate networks will know very well what malware detection software
their victims are using and can test in advance to make sure their payload
will not be detected. This is part of the reason why ransomware campaigns are
so effective and devastating to organizations. Aside from signature-based
detection, security products attempt to detect ransomware-like behavior by
monitoring for unusual patterns in file activity. For example, the reading and
writing of a large number of files in certain directories or with certain file
types in rapid succession can indicate suspicious activity. Significant
differences in the contents of overwritten files are another example, since an
encrypted file will look totally different from the original file. Attempts to
delete Volume Shadow Copy Service (VSS) backups can also be indicative of
ransomware. All these signals together can be used to detect ransomware, but
attackers can still try to hide, for example, by slowing down file encryption
and executing it in batches.
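The behavioral signals described above, sketched as an added example (not code from the article or from any security product): a write-rate check, an entropy comparison of overwritten contents, and a VSS-deletion check, run over constructed events. The event format, thresholds and signal names are assumptions; the content signal is counted per process with no time window, so it still fires when encryption is slowed down and batched.

```python
import math
from collections import Counter, defaultdict
BURST_FILES, BURST_WINDOW = 5, 10.0  # assumed: 5 overwrites within 10 s
HIGH_ENTROPY, MIN_JUMP = 7.5, 2.0    # assumed thresholds, bits per byte
CUMULATIVE_FILES = 5                 # assumed: total encrypted-looking overwrites

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (close to 8.0 for ciphertext)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def looks_encrypted(before: bytes, after: bytes) -> bool:
    e_after = entropy(after)
    return e_after >= HIGH_ENTROPY and e_after - entropy(before) >= MIN_JUMP

def analyze(events):
    """Return {pid: set of signal names} for a time-ordered event list."""
    signals, write_times, encrypted = defaultdict(set), defaultdict(list), Counter()
    for ev in events:
        pid = ev["pid"]
        if ev["type"] == "exec":
            cmd = ev["cmdline"].lower()
            if "vssadmin" in cmd and "delete" in cmd and "shadows" in cmd:
                signals[pid].add("vss_delete")
            continue
        # Rate signal: many overwrites inside a short sliding window.
        write_times[pid].append(ev["t"])
        recent = [t for t in write_times[pid] if ev["t"] - t <= BURST_WINDOW]
        if len(recent) >= BURST_FILES:
            signals[pid].add("write_burst")
        # Content signal, counted with no time window, so encryption that is
        # slowed down and run in batches still accumulates per process.
        if looks_encrypted(ev["before"], ev["after"]):
            encrypted[pid] += 1
            if encrypted[pid] >= CUMULATIVE_FILES:
                signals[pid].add("entropy_cumulative")
    return dict(signals)

TEXT = b"quarterly sales report, region north\n" * 50  # constructed file contents
CIPHER = bytes(range(256)) * 8  # constructed stand-in for ciphertext (entropy 8.0)

def sample_events():
    """Constructed events: fast process 100, slow process 200, benign 300."""
    def ow(t, pid, after):
        return {"t": t, "pid": pid, "type": "overwrite", "before": TEXT, "after": after}
    fast = [ow(float(i), 100, CIPHER) for i in range(6)]             # one file per second
    slow = [ow(600.0 * i, 200, CIPHER) for i in range(6)]            # one file per 10 minutes
    edits = [ow(float(i), 300, TEXT + b"edit\n") for i in range(3)]  # benign edits
    vss = [{"t": 5.0, "pid": 200, "type": "exec", "cmdline": "vssadmin.exe Delete Shadows /All"}]
    return sorted(fast + slow + edits + vss, key=lambda e: e["t"])
```

In the sample, process 200 never trips the rate check, yet it is still flagged by the cumulative entropy count and the shadow-copy deletion.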
Streaming Data From Files Into Multi-Broker Kafka Clusters
Kafka Connect is a tool for streaming data between Apache Kafka and other
external systems. The File Source connector streams or exports data from files
into a Kafka topic, and the File Sink connector imports or sinks data from the
Kafka topic to another file. Numerous other types of connector are available,
such as the Kafka Connect JDBC Source connector, which imports data from any
relational database with a JDBC driver into an Apache Kafka topic. Confluent.io
has developed numerous connectors for importing and exporting data into Kafka
from various sources like HDFS, Amazon S3, Google Cloud Storage, etc.
Connectors are available under commercial licenses as well as the Confluent
Community License. The file that receives the data continuously from the topic
can be considered a consumer. These two connectors are part of the open source
Apache Kafka ecosystem and do not require any separate installation.
Legacy security architectures threaten to disrupt remote working
Connecting users often came at the expense of other factors, such as security,
performance and management. As most respondents (81%) expect to continue
working from home (WFH), 2021 will see enterprises address those other areas,
evolving their remote access architectures to protect the remote workforce
without compromising on the user experience. Yet securing the remote
workforce has proved challenging for IT professionals. Enforcing corporate
security policies on remote users was the second most common security
challenge (58% of respondents) while 57% indicated they lacked the time and
resources to implement recognised security best practices. Boosting remote
access performance was found to be the most popular use case for 2021, by 47%
of respondents. SASE was also an increasing focus for enterprises in
post-pandemic 2021, with as many as 91% of respondents expecting SASE to
simplify management and security. Half of respondents (52%) said SASE would be
very or extremely important to their businesses post-Covid-19. Providing
evidence of how SASE is benefiting organisations, Cato found that of those
firms that had already adopted SASE, 86% experienced increased security, 70%
indicated time savings in management and maintenance...
Companies turning to MSPs as attack vectors get more sophisticated
Security is not the only top driver. Finance leaders chose reduced costs (57%)
as their top reason, noting that an MSP is less expensive than hiring talent
internally. For e-commerce retailers, increased security (46%) and reduced costs
(46%) tied for the top spot. “It’s never been more critical to have an encrypted
backup and disaster recovery solution to ensure your business is always up and
running. The increased threats to companies and MSPs have never been this
severe, and it’s going to continue to get worse,” said Infrascale CEO Russell P.
Reeder. “In this ever more challenging landscape, data protection and data
recovery are top priorities for MSPs serving clients, especially as attack
surfaces expand and attack vectors get more sophisticated,” he continued. The
survey further revealed which MSP services are most prominent for each industry.
Finance (53%), education (51%), and healthcare (53%) executives all noted that
the top service they leverage most with their MSPs is data protection, while
manufacturing executives specified a subset of that category, cybersecurity
services (58%) — focusing on computer network environments as their top MSP
service.
Why CIOs Must Set the Rules for No-Code, Low-Code, Full-Code
A no-code application uses point-and-click visual tools that users drag and
drop in order to create an application. No knowledge of coding is needed. This
is strictly point-and-click development on a visual user interface that gives
access to data, basic logic and data display choices. Best fit: No-code
development works when the data and queries the user needs are basic and the
tool can integrate with the data sources that have predefined APIs. No-code
tools are ideal for rapid turnaround applications that use and report basic
information -- like, what are the sales numbers for our air conditioning
products this month? The tools are used with transactional data, not with
unstructured, big data. Low-code development tools have point-and-click,
graphical user interfaces that are similar to those found in no-code tools,
only low code also allows developers to add pieces of custom code that
embellish functions not handled by the low-code platform. Best fit: For
applications that must be integrated with other systems and databases, as well
as delivering rapid time to market, low-code tools make excellent platforms.
Low code also enables non-programming users to collaborate in developing apps
with more technical IT programmers.
Tips for a Bulletproof War Room Strategy
In today's environment, especially in larger companies, employee skill sets are
getting more technically diverse with stand-alone teams spanning cloud, network,
development, automation, and more. As much as these teams may want to work in
their own lane, there is no denying that their work directly affects other
groups in the organization. When they send updates or find an exploit that
threatens their system, it's not just their system that is impacted. It can
produce massive consequences across all areas of the business. ... In combat,
one of the biggest mistakes that could cause you to lose your position is
indecision. In security, when a breach occurs, teams can't afford to disagree.
War rooms are built to enable quick decision-making by empowering need-to-know
decision-makers with the authority needed to respond rapidly. An effective war
room brings together the right people and the right information so that the
right decisions can be quickly made. ... In another, you can elevate that war
room into an actual live incident or bring together a group of senior management
to plan out the risk posture for the foreseeable future, whether that's the next
quarter, the next year, or maybe for a large upcoming event where they want to
plan for attack possibilities.
Microsoft Taking Additional Steps to Address Zerologon Flaw
Some security experts say Microsoft is taking the right step to ensure that
customers' networks remain safe even if they haven't applied the patch.
"Microsoft seems to expect that patching all devices out there will take a
substantial amount of time, so it takes this backup approach to mitigate the
risk for its customers," says Dirk Schrader, global vice president at security
firm New Net Technologies. "The difficulty for those customers, given the
pandemic situation of working from home, is to find and patch all vulnerable
devices. It is time to scan and check all devices, monitor them for unwanted
changes, to find and patch as quickly as possible." Jigar Shah, vice president
of security firm Valtix, notes that Active Directory remains important to
companies that rely on cloud platforms, such as Azure. So, they want to be
assured that their infrastructure is secure even if that requires Microsoft to
force the issue. "Active Directory domain controllers are still fundamental to
enterprise apps in public clouds," Shah says. "And the battle is to
continuously and automatically do virtual patching until software vendors roll
out patches that can be deployed, something that often takes weeks and
months..."
Study: Cloud transformation necessary for digital transformation
Cloud migration is a necessary step for digital transformation, which is
proceeding faster than planned at many enterprises because of the COVID-19
pandemic, according to research from Cloud Industry Forum (CIF), a cloud
computing organization based in the United Kingdom. The cloud is an
important steppingstone for getting off legacy on-prem technologies and
outfitting today's more flexible, remote workforce. Supporting a remote
workforce requires a digital transformation, and to do that, companies need
the cloud – public, private, or hybrid. CIF found that in many sectors,
remaining productive during lockdown depended on their cloud-readiness.
Migrating to the cloud has delivered results for more than 90% of
organizations during the past year, according to the CIF research. In
addition, 91% of decision makers said that cloud formed an important part of
their digital transformation, with 40% saying the role of the cloud was
crucial. COVID-19 has been a significant driver. A majority of organizations
(69%) have sped up their digital transformation plans in some way as a
result of the pandemic, according to the research. "On the whole,
organizations did a commendable job of adapting in the face of an
unprecedented situation; it is safe to say that many have been pleasantly
surprised at how successful the shift to remote working has been.
Digital Transformation: How Leaders Can Stand Out
Enterprise CIOs are contending with the impact of COVID-19 on their IT
priorities and tech spending. In order to prioritize what is indispensable,
there should be a strong focus on embracing technology that puts the bottom
line first. There’s a huge opportunity to streamline repetitive,
time-consuming tasks across departments, from marketing to sales and customer
service, freeing up time and shortening feedback loops. Traditional digital
transformation initiatives often overlook the edges of the business where
employees are stuck relying on manual processes, spreadsheet solutions and
outdated legacy systems for business workflows. Organizations have to be able
to solve for changes quickly, whenever they may come up, from anywhere in the
business. Having digital tools in place that allow for automation and enhanced
processes is crucial not only for saving time and money, but also for
providing real-time insights and opportunities to quickly adapt to customer
demands, employees and overall disruption. The shortage of
software developer talent is well-documented, and IT departments are
overwhelmed without the support they desperately need.
2021 Trends in Blockchain: Mainstream Adoption at Last
The most emergent Blockchain trend of the year is the motion towards solving
its scalability issues via the cloud. There are plentiful cryptocurrency use
cases in which the notion of scale—both horizontal and vertical, reflecting
mounting numbers of users and data—induces considerable latency, almost
derailing this technology’s value. A practical solution to this necessity
stemming from blockchain’s decentralized consensus approach to transaction
validation is employing serverless computing architecture to resolve the
latency resulting from the conventional approach, in which “every machine is
doing the same work,” Wagner revealed. “If one runs out of space, memory,
compute, or network capacity, game over.” However, by relying on serverless
architecture to spin up machines on demand, “that serverless implementation
lets us recruit hundreds, thousands, even tens of thousands of machines for
every individual node of a blockchain,” Wagner explained. This method
enables organizations to devote whatever resources they need to validate
transactions with these decentralized ledgers, dramatically reducing the
latency and downtime otherwise inherent to scaling up.
Quote for the day:
"Make every detail perfect and limit the number of details to perfect." -- Jack Dorsey