Zero Trust promotes the concept that organizations should not trust any entity inside or outside their network perimeters in a predetermined fashion. Adoption of the Zero Trust security model is picking up steam at last. In February 2020 – before the pandemic swept the world – a survey of more than 400 IT security decision makers conducted by Cybersecurity Insiders and Pulse Secure revealed that 72% of organizations were planning to either assess or implement Zero Trust in their security strategy during the course of the year. Then, in May 2021, President Biden’s Executive Order on Improving the Nation’s Cybersecurity threw down the gauntlet…
Author: David Gadnyx
25 years after the invention of VPN’s (PPTP was invented by an MSFT employee in 1996) we have finally found a revolutionary way of working remotely with increased security. In the new reality of instant lockdowns due to the pandemic, companies are forced to find ways to give access to cloud and on prem applications in a fast and secure manner. Zero Trust Network Access (ZTNA) coupled with adaptive Multi Factor Authentication (MFA) is now being widely adopted world-wide as the best architecture to use. Some questions that IT departments are being asked to solve: “Do I need to upgrade…
Vulnerability Scanning vs. Penetration Testing Penetration testing exploits a vulnerability in your system architecture while vulnerability scanning (or assessment) checks for known vulnerabilities and generates a report on risk exposure. Either penetration testing or vulnerability scanning depends mostly on three factors: Scope Risk and Criticality of assets Cost and Time Penetration Testing Penetration testing scope is targeted and there is always a human factor involved. There is no automated penetration testing – penetration testing requires the use of tools, sometimes a lot of tools. But it also requires an extremely experienced person to conduct penetration testing. A good penetration tester…
BRATISLAVA — August 10, 2021 — ESET, a global leader in cybersecurity, today published its latest research white paper, titled “RANSOMWARE: A look at the criminal art of malicious code, pressure, and manipulation.” The report examines how dangerous ransomware has become due to the criminals’ psychological and technical innovation and offers advice on how organizations can best protect themselves. It also reveals the most widespread techniques used by malicious actors, focusing on three specific attack vectors: Remote Desktop Protocol (RDP), email attachments, and supply chain. Ransomware gangs have misused the COVID-19 pandemic to expand their extortion and distribution toolkit, focusing…
Summary Major sporting events, like the World Cup or the Olympics, are usually targets of cybercriminals that take advantage of the event’s popularity. During the 2018 World Cup, for example, an infected document disguised as a “game prediction” delivered malware that stole sensitive data from its victims, including keystrokes and screenshots. A new malware threat emerged just before the 2020 Tokyo Olympics opening ceremony, able to damage an infected system by wiping its files. The malware disguises itself as a PDF document containing information about cyber attacks associated with the Tokyo Olympics. The wiper component deletes documents created using Ichitaro, a popular word processor…
Earlier this year, in a country populated with over 50 million people, a series of protests began due to higher taxes, corruption and a healthcare reform proposed by the government. Although the government authorities had anticipated the protests would be widespread, no one suspected that a massive cyberattack would be launched on multiple assets of the government’s networks with the intent of bringing it down. Shortly after the attack began, a notorious group of hackers came forward and claimed responsibility for the three-wave attack lasting two weeks. The first wave of the attack came as a surprise to the government. The wave…
2.1 million people over eleven counties in North Texas depend on Tarrant Regional Water District (TRWD) for their water supply and flood control measures. As a critical part of our national infrastructure, they are well aware of the rising risk of advanced persistent threats, but they also have a small network team with no dedicated in-house security staff. So how does a team like the one at TRWD take on security and regain the upper hand? Should they find themselves face-to-face against sophisticated cybercriminals, it would be a true underdog story—but this small, savvy team in North Texas turned to…
Bratislava, July 26, 2021 — ESET, a global leader in cybersecurity, has achieved ‘Champion’ status for the third year in a row in the latest Global Cybersecurity Leadership Matrix from Canalys, improving upon its 2020 matrix position with a focus on investment in enterprise services and partner training. Canalys is a leading global technology market analyst firm with a distinct channel focus, and strives to guide clients on the future of the technology industry and to think beyond the business models of the past. The 2021 Cybersecurity Leadership Matrix assessed 19 cybersecurity vendors on their global channel and market performance over the last 12 months. The Leadership Matrix combines partner feedback from Canalys’ Vendor Benchmark tool with an…