With DDoS attacks becoming more frequent, sophisticated, and inexpensive to launch, it’s important for organizations of all sizes to be proactive and stay protected. In this blog, we detail trends and insights into DDoS attacks we observed and mitigated throughout 2022.
The post 2022 in review: DDoS attack trends and insights appeared first on Microsoft Security Blog. READ MORE HERE…
After the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday released a recovery script for organizations affected by a massive ransomware attack targeting VMWare ESXi servers worldwide, reports surfaced that the malware evolved in a way that made earlier recovery procedures ineffective.The attacks, aimed at VMware’s ESXi bare metal hypervisor, were first made public February 3 by the French Computer Emergency Response Team (CERT-FR), and target ESXi instances running older versions of the software, or those that have not been patched to current standards. Some 3,800 servers have been affected globally, CISA and the FBI said.To read this article in full, please click here READ MORE HERE…
Cisco has strengthened some of its key security software packages with an eye toward better protecting distributed enterprise resources.Specifically, Cisco added more intelligence to its Duo access-protection software and introduced a new application called Business Risk Observability that can help enterprises measure the impact of security risks on their core applications. The company also enhanced its SASE offering by expanding its SD-WAN integration options.To read this article in full, please click here READ MORE HERE…
A new, tablet-sized media scanner boasts a wide range of capabilities for critical infrastructure defense. READ MORE HERE…
Before the start of the Covid epidemic, a traditional WAN architecture with centralized security worked well for Village Roadshow. “Advanced security inspection services can be applied, firewalls can provide separation, and a demilitarized zone can be implemented,” said Michael Fagan, chief transformation officer at Village Roadshow, the largest theme park owner in Australia.But it required backhauling traffic from remote sites to a data center or hub for security inspection, which can hurt application performance, create a poor user experience, and cost the company in productivity, he said.When the pandemic led the company to transition to a hybrid workforce, with most people working from home or from a remote site, it prompted Village Roadshow to rethink its network and security approach.To read this article in full, please click here READ MORE HERE…
Intel’s TDX framework gains a new capability, and a “shadow stack” in Xeon’s fourth generation aims to knock out a dangerous cyberattack method. READ MORE HERE…
The year highlighted how vulnerable the technology sector is to the vagaries of geopolitics and the macroeconomy, as IT giants laid off workers, regulators cracked down on tech rule-breakers, nations negotiated data security regulations, the US-China chip war widened, and the Ukraine war disrupted business as usual. READ MORE HERE…
Microsoft discovered a vulnerability in macOS, referred to as “Achilles”, allowing attackers to bypass application execution restrictions enforced by the Gatekeeper security mechanism.
The post Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability appeared first on Microsoft Security Blog. READ MORE HERE…
Backup and recovery systems are at risk for two types of ransomware attacks: encryption and exfiltration – and most on-premises backup servers are wide open to both. This makes backup systems themselves the primary target of some ransomware groups, and warrants special attention.Hackers understand that backup servers are often under-protected and administered by junior personnel that are less well versed in information security. And it seems no one wants to do something about it lest they become the new backup expert responsible for the server. This is an age-old problem that can allow backup systems to pass under the radar of sound processes that protect most servers.To read this article in full, please click here READ MORE HERE…
The updated threat matrix for Kubernetes comes in a new format that simplifies usage of the knowledge base and with new content to help mitigate threats.
The post Mitigate threats with the new threat matrix for Kubernetes appeared first on Microsoft Security Blog. READ MORE HERE…