Barracuda

Phishing and Facebook – a test of reputation

October 16, 2018 by Asaf Cidon

Facebook is never far from the news agenda, so it was no surprise to see the company under the media spotlight again when it was revealed that a recent hack exposed the personal information of 30m users. After polling visitors to Cloud Expo earlier this year on their views of Facebook and data privacy, we took to the floor at the IP Expo show in London earlier this month to learn how businesses were feeling about their defences in the wake of the latest high profile attack.

The last time we spoke to the tech industry at a UK trade show, it was on the back of the news that millions of Facebook profiles were apparently exploited for political purposes, so we were keen to understand how views had changed in the six months since then.

Back in April, trust in Facebook appeared to have been badly affected, with 55% claiming that they trusted Facebook less as a result of the Cambridge Analytica scandal. Results from IP Expo further confirmed this, with 41% of respondents citing that they didn’t trust Facebook even before this latest news story. What’s encouraging is that individuals are taking measures to protect themselves – 28% said that they had amended their security and sharing settings as a result, almost identical to the 29% who said the same at Cloud Expo.

Individuals in the IT industry have definitely become more wary of how they’re using Facebook, but did this have any bearing on their business?

Asaf Cidon

Asaf Cidon is vice president of content security services at Barracuda Networks. In this role, he is one of the leaders for Barracuda Sentinel, the company's AI solution for real-time spear phishing and cyber fraud defense. Barracuda Sentinel utilizes artificial intelligence to learn the unique communications patterns inside customer organizations to identify anomalies and guard against these personalized attacks. Asaf was previously CEO and co-founder of Sookasa, a cloud storage security startup that was acquired by Barracuda. Prior to that, he completed his PhD at Stanford, where his research focused on cloud storage reliability and performance. He also worked at Google’s web search engineering team. Asaf holds a PhD and MS in Electrical Engineering from Stanford, and BSc in Computer Engineering from the Technion.

Connect with Asaf on LinkedIn.

http://www.barracuda.com

Most Cybersecurity Professionals Want to Quit but Often Don’t

October 12, 2018 by Mike Vizard

One could assume that given the chronic shortage of cybersecurity professionals that organizations large and small face there would be a maniacal focus on retaining individuals with these critical skills. But a survey of over 9,000 IT security professionals published this week by Mondo, a staffing agency, a full 60 percent of respondents reports they are looking to leave their job.

A lack of growth opportunities and job satisfaction are tied as the top reasons to leave a job, followed by unhealthy work environment, lack of IT security prioritization from C-level or upper management, unclear job expectations, and lack of mentorship.

Mike Vizard

Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

Fast Eats Big: Supercharge Your Business with Barracuda Network and Application Security

October 10, 2018 by Christine Barry

Earlier this year Barracuda and Microsoft worked together to present the Cloud Ready Channel Summit, which was a gathering of leaders from both companies as well as some of our partners. Phil Sorgen, Corporate Vice President, US Enterprise Commercial at Microsoft, made this point in his presentation:

Business used to be “big eats small.” Now with the public cloud, it's “fast eats big.”

Barracuda network and application protection solutions are designed to make business easier and faster for our customers. We do this by bringing together the best technologies, concepts, and business processes, getting them to market quickly and affordably, and supporting them like crazy with Energize Updates, Instant Replacement, award-winning tech support, and more.

A core piece of our success story is the recognition that small and medium enterprises are no longer protected by obscurity or a belief that they are too insignificant to attack. In the modern threat landscape of bots and attacks-for-hire and anonymous state-sponsored hackers, SME companies are at risk just like the large enterprises. To help these companies defend themselves, we've put large enterprise type capabilities into a solution that is designed to be simple and low-maintenance for the IT professionals.

Business used to be 'big eats small.' Now with the public cloud, it's 'fast eats big.' ~@Phil_SorgenClick To Tweet

Christine Barry

Christine Barry is Senior Chief Blogger and Social Media Manager at Barracuda. In this role, she helps bring Barracuda stories to life and facilitate communication between the public and Barracuda internal teams. Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years. She holds several technology credentials, a Bachelor of Arts, and a Master of Business Administration. She is a graduate of the University of Michigan.

Connect with Christine on LinkedIn.

https://blog.barracuda.com

Security of Global Supply Chains to Come Under Review Real Soon

October 5, 2018 by Mike Vizard

A lot of business and IT executives this week are spending a lot more time thinking about just how vulnerable their supply chains are in the wake of a report that alleges widely used servers have been compromised by a microchip surreptitiously implanted by on motherboards. The veracity of the report is highly disputed. But given the financial impact the report has had on the stock prices of organizations such as Super Micro named in the report, more than a few business leaders are wondering to what degree the systems they rely on are compromised.

'Cybersecurity professionals are wondering how much sensitive IP may have been lost if their extended supply chains have been compromised.' ~@MVizardClick To Tweet

Cybersecurity professionals, meanwhile, are wondering just how much sensitive intellectual property may have been lost if it turns out that servers employed by Amazon and others that are part of their organization’s extended supply chains have been compromised.

Supply chain security has always been a concern. But as organizations move to digitize their supply chains the potential for security breaches starts to exponentially increase. Each supply chain is only as going to be as secure as its weakest cybersecurity link. A server compromised halfway around the world that is being employed by a critical supplier could theoretically become a vector through which some of the organizations most critical secrets are being revealed. It’s not hard to extrapolate what the implications are surrounding an order for a large quantity of parts required to make a specific finished product.

Mike Vizard

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

Homeland Security warning: Hackers targeting MSPs

October 4, 2018 by Anne Campbell

This week, the Department of Homeland Security issued a warning that advanced persistent threat (APT) actors are targeting managed service providers (MSPs) and cloud service providers (CSPs). IT service providers make attractive targets for cybercriminals due to the access they have to their customers’ networks and for the sensitive customer data that they may have stored on their own networks.

In the memo, The National Cybersecurity & Communications Integration Center (NCCIC) notes: “By servicing a large number of customers, IT service providers can achieve significant economies of scale. However, a compromise in one part of an IT service provider’s network can have globally cascading effects, impacting other customers and introducing significant risk.”

Advanced persistent threat (APT) actors are targeting Managed Service Providers (MSPs) and Cloud Service Providers (CSPs). @AnneKCampbell Click To Tweet

According to NCCIC, this activity by APT actors had been ongoing since at least 2016 using a variety of tactics. Research shows a spike in attacks targeting service providers in 2018. Trustwave, a managed security service provider, released a report in April showing that service providers now account for just over 9 percent of all the cyberattacks the firm tracks annually, up from nearly zero in 2017.

Anne Campbell

Anne Campbell is the public relations manager for Barracuda. She's been with the organization since 2014, working on content and public relations for Barracuda MSP, the MSP-dedicated business unit of Barracuda. She started her career in newspaper and magazine journalism, and she brings that editorial point of view the work she does, using it to help craft compelling stories.

https://blog.barracuda.com

Secure your APIs

October 2, 2018 by Tushar Richabadas

Over the last few months, there have been a handful of public API compromises. These compromises included a “legacy” API that leaked personal information of BlackHat conference attendees, and what seem to be two separate T-Mobile leaks – one which leaked personal information, and another where both AT&T and T-Mobile leaked customer’s account PINs.

An API, or Application Programming Interface, is as the name suggests, a way in which one piece of software can interact with another. A simple example is a mobile Twitter application like TweetDeck. TweetDeck uses the Twitter API to get the basic data, perform basic actions, and provide various functionalities like lists and columns. So when you use TweetDeck to view your timeline and send tweets and direct messages in a nice, customized user interface, you are using the Twitter API.

Application Security Product Manager Tushar Richabadas talks about #API #security in this Barracuda Blog post. Click To Tweet

[Read more…] about Secure your APIs

Tushar Richabadas

http://www.barracuda.com

Cyberwarfare Set to Escalate in Wake of Latest DoD Policy Change

September 28, 2018 by Mike Vizard

Any pretense that nation states are not engaged in full-fledged cyber warfare has dropped following the defining of a new Department of Defense Cyber Strategy policy under which the U.S. government is making it clear that it will “employ offensive cyber capabilities and innovative concepts that allow for the use of cyberspace operations across the full spectrum of conflict.”

Citing cybersecurity attacks emanating from around the globe, the new policy makes it clear the U.S. Department of Defense (DoD) will “seek to preempt, defeat or deter malicious cyber activity targeting U.S. critical infrastructure that could cause a significant cyber incident regardless of whether that incident would impact DOD’s warfighting readiness or capability.” In effect, the DoD is saying that any cyberattack conducted against any asset of U.S. soil could be construed as an act of war.

'Hacking into a system physically located in another country is legally no different than launching a raid that violates the sanctity of another country’s border. ' ~@mvizard Click To Tweet

Of course, technically that’s always been the case for any country. Hacking into a system physically located in another country is legally no different than launching a raid that violates the sanctity of another country’s border. Most nation-states, however, have been especially adroit at covering their cybersecurity tracks and diplomats have been reluctant to make accusations that might escalate tensions.

Mike Vizard

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

Europol Highlights Continued Threats, but Magecart Demands Focus on Web Security

September 27, 2018 by Phil Muncaster

When it comes to the threat landscape it’s very easy to get distracted by the more eye-catching attacks. But while these might make for good headlines, and could even help some niche vendors to sell “silver bullet” solutions, there’s actually more continuity in terms of the cyber threats facing firms today than one might think. That fact is borne out by Europol’s latest annual Internet Organised Crime Threat Assessment (IOCTA) report. While there aren’t many surprises in there, it represents a sober assessment of the situation on the ground.

Europol’s IOCTA has one goal in mind: “to stop cyber-criminals from making you their next victim.” @philmuncaster discusses the report in this Barracuda blog post. Click To Tweet

If nothing else, it should be another prompt for organisations to ensure they have suitable measures in place to cope with ransomware, DDoS, phishing and the like. This should be complemented by web server and other controls to mitigate an emerging threat to e-commerce providers: digital skimming.

[Read more…] about Europol Highlights Continued Threats, but Magecart Demands Focus on Web Security

Phil Muncaster

Phil Muncaster is a technology writer and editor with over 12 years’ experience working on some of the biggest technology titles around, including Computing, The Register, V3 and MIT Technology Review. He spent over two years in Hong Kong immersed in the Asian tech scene and is now back in London where information security has become a major focus for his work.

Follow Phil on Twitter and connect with him on LinkedIn.

http://www.barracuda.com

Azure Networking Update: New features, deeper Barracuda partnership

September 25, 2018 by Rich Turner

Yousef Khalidi, Microsoft CVP, Azure Networking, penned a blog post on Monday announcing a wide range of new features for Microsoft Azure including 100 Gbps (fastest connectivity in public cloud), availability of branch connectivity, new cloud-native security capabilities, and application performance services. Many of these new features will be discussed during Microsoft Ignite 2018, and more information can be found in the Azure Networking booth at Ignite (Booth AIC288).

Barracuda has worked closely with @Microsoft over the past several years to ensure our that our public cloud solutions are the perfect fit for @Azure' ~Rich TurnerClick To Tweet

These new features are part of the Azure mission, per Yousef, to “provide comprehensive networking services that are easy to deploy, manage, scale, and monitor. Customers continue to ask for better ways to connect to the cloud, better protection of their cloud workloads, optimal application performance delivery, and more comprehensive monitoring services.”

Rich Turner

Rich is the Product Marketing Manager, Information Management. He's been with Barracuda since the acquisition of C2C Systems in 2014. Rich specializes in cloud-deployed solutions, information management, and archiving systems. His experience includes extensive work on OEM opportunities and the legal community.

If you'd like to get in touch with Rich, you can connect with him on LinkedIn and follow him on Twitter.

You can email Rich at rturner@barracuda.com.

Main navigation

Barracuda

What does Barracuda support for Azure vWAN mean?