Many of you know that Michael Hughes left us last month to begin a new chapter in his life. As our former SVP of Worldwide Sales and Services, Michael interacted with people and built friendships all over the world. Based on the work he did while he was with us, we can be sure that his friendships with the people involved in the Challenged Athletes Foundation (CAF) are among his most treasured.
One of the leading misconceptions surrounding social engineering and phishing is that the source of the problem is centered on users clicking on bad links. Make no mistake, a large percentage of social engineering attacks do invite users to click on bad links and this action can definitely have consequences, yet many of the highest profile social engineering attacks have absolutely nothing to do with links and nothing to do with clicking.
Labor Day has its roots in a 19th-century effort to celebrate the contributions organized labor unions made to advancing prosperity in the U.S. But in IT security circles labor as an issue has become a very hot topic in the 21st century indeed. Organizations are investing more in security automation with each passing day that makes extensive use of machine and deep learning algorithms to automate a wide variety of security tasks.
In fact, those technologies are now starting to seep into the IT infrastructure layer. For example, VMware at the VMworld 2018 conference this week unveiled a Platinum Edition of VMware vSphere that embeds VMware AppDefense security software in the hypervisor. That security software makes use of machine learning algorithms to make sure that applications only execute code that is specifically permissioned. Michael Adams, senior director for the cloud platform business unit for vSphere, says VMware expects that in very short time the platinum edition will become the default option employed by most IT organizations.
One of the most prevalent types of cyberfraud is the Business Email Compromise, or BEC scam. These attacks are responsible for billions of dollars in fraud losses over the last few years, and the criminals keep getting better at scamming their victims.
Criminals use Business Email Compromise (BEC) attacks to obtain access to a business email account and imitate the owner’s identity, in order to defraud the company and its employees, customers or partners. In most cases, scammers focus efforts on employees with access to company finances or payroll data and other personally identifiable information (PII).
Email systems have become a primary source of phishing, malware, and ransomware attacks.
Convincing customers to invest in extra layers of email security can be challenging, but it's well worth it for MSPs to try. After all, they’re the ones who will have to clean up the mess if there is a breach.
For MSPs, the first step in selling customers secure email services is to convince them of the scope of the problem. Small and medium-sized businesses (SMBs) are often victims of cyberattacks, even though many SMBs feel they are not high profile enough to be targets. The Ponemon Institute notes that 55 percent of SMBs were victims of cyberattacks in 2016.
It’s not too hard to imagine how that balance of political power in the U.S. after the November elections might be tipped one way another due to cyberattacks being launched against voting machines from overseas. In fact, a recent survey of 411 IT security professionals conducted by Dimensional Research on behalf of Venafi, a provider of tools for securing machine data, find 93 percent of security professionals are concerned about cyberattacks targeting election infrastructure and data. A total of 81 percent report they believe cybercriminals will target both software and hardware as well as election data as it is transmitted by machines from local polling stations to central aggregation points. In fact, 64 percent believe vulnerabilities and exploits connected with election systems are already available on the dark web.
Just to show how vulnerable the voting process, organizers at the recent DEF CON 2018 conference organizations set up an entire village on the show floor dedicated to hacking various systems and applications. They even invited kids as young as 11 to show how easy it is to hack those systems.
As you may know, the annual Barracuda Partner Advisory Council was held in Lake Tahoe this week. Barracuda uses this event to spend some time recognizing outstanding achievement among our partners. We are pleased to announce the recipients of these awards, including contact information and a brief description taken from one of their own sources.
Outages occur for a wide range of reasons, but a new global survey of 1,287 IT and security professionals working in small-to-medium businesses (SMBs) published by Kaseya, a provider of a platform for delivering managed services, shows how closely linked backup and security are becoming.
Well over half the respondents (58%) cite cybersecurity and data protection as their top concern for 2019, followed by capacity of network infrastructure at a distant second (34%).
That compares to 54 percent citing overall security in 2018, followed by reducing IT costs at 31 percent.
The Internet of Things is transforming businesses across the planet. It has the power to make them safer, more efficient, productive, environmentally friendly, and agile. But there’s a real danger that these new systems could be used not just to infiltrate corporate networks, or hijacked to participate in botnets, but also to cause widespread panic and endanger lives across new smart city environments. A new paper published at Black Hat has painted exactly that scenario. Unfortunately, it’s not the first.
To mitigate the threats posed by our new IoT-powered world, we need to take action at every layer of this complex ecosystem. That means driving manufacturers to develop more secure devices, organisations to implement and configure them more securely, and the security industry to step up with practical solutions to keep systems safe going forward.
As a key provider of security solutions to Microsoft Azure customers, Barracuda today announced the availability of its Web Application Firewall-as-a-Service in the Microsoft Azure Marketplace, an online store providing applications and services for use on Azure. Barracuda customers can now take advantage of the productive and trusted Azure cloud platform, with streamlined deployment and management.
Organizations have relied on Barracuda’s CloudGen WAF – including advanced bot protection, proactive DDoS protection, and deep integration with DevOps toolchains – for securing applications in their hybrid/cloud datacenters for years. When they want to migrate applications, or build new apps in the public cloud, and they desire a Software-as-a-Service solution, their options that provide similar levels of control have been limited until now. That has led to under-secured web applications across hybrid environments, despite the original goal of faster time to market, agility, and cost-efficiency.