-
SolarWinds Hack Defenses: Protecting Against ‘Solorigate’ TTPs
A March 2020 software update of the SolarWinds Orion management platform gave malicious actors unhindered access to key government and enterprise networks. Microsoft has dubbed the infamous supply chain compromise of SolarWinds as “Solorigate.” In December, eSecurity Planet detailed FireEye’s initial findings, implications for the industry, and how to mitigate similar attacks. Since then, much […]
-
The IoT Cybersecurity Act of 2020: Implications for Devices
A universe of devices and technology has fallen into our laps at a speed that organizations struggle to manage effectively. And that boom in devices shows no signs of stopping. In 2019, there were an estimated 9.9 billion Internet of Things (IoT) devices. By 2025, we expect 21.5 billion. As more information about IoT device […]
-
New TCP/IP Vulnerabilities Expose IoT, OT Systems
Forescout Research Labs last month released a 14-page white paper and a 47-page research report detailing 33 vulnerabilities affecting millions of Internet of Things (IoT), Operational Technology (OT), and IT devices. Dubbed AMNESIA:33, these newly identified vulnerabilities include four broadly used TCP/IP stacks and have left more than 150 vendors potentially compromised. Forescout’s findings are […]
-
Cloud-based security: SECaaS
Irrespective of your organization’s size or complexity, a robust cybersecurity infrastructure is the key to protecting your network and data. But common problems prevail for IT staff monitoring or managing potential threats: a constant triage of alerts, dispersed information challenging to gather, and lack of time, tools, or resources to effectively protect your organization. To […]
-
Cloud Bucket Vulnerability Management
The movement to the cloud means access to data anywhere, enhanced data recovery, flexibility for collaboration, and less of a burden on IT staff. But, while cloud providers boast that their storage services — or “buckets” — offer added application security, they have also consistently proven vulnerable. A bucket is a virtual storage unit provided […]
-
FireEye, SolarWinds Breaches: Implications and Protections
Five days after FireEye detailed the theft of about 300 of its proprietary cybersecurity tools, SolarWinds announced that its Orion IT monitoring platform had also been compromised by hackers believed to be sponsored by the Russian government. Together, the attack that originated with a SolarWinds vulnerability turned over critical cybersecurity infrastructure to the malicious actors, […]
