Security News > 2021

There is an industry-wide cloud permissions gap crisis, leaving countless organizations at risk due to improper identity and access management, a CloudKnox Security report reveals. "The focus on digital transformation over the last few years-and accelerated throughout 2020-has led to a significant delta between permissions granted and permissions used in the cloud. This cloud permissions gap is a massive contributing factor to the rise of both accidental and malicious threats for organizations of all sizes," said Raj Mallempati, COO of CloudKnox.

McAfee released its new report, examining cybercriminal activity related to malware and the evolution of cyber threats in the third and fourth quarters of 2020. In Q4, there was an average of 648 threats per minute, an increase of 60 threats per minute over Q3. The two quarters also saw COVID-19-related cyber-attack detections increase by 240% in Q3 and 114% in Q4, while Powershell threats again surged 208% due to continued increases in Donoff malware activity.

That's the premise behind one-time passwords, biometrics, pin codes, and other authentication methods presented as passwordless security. While this sounds appealing on the surface, the problem is that, when you dig deeper, these passwordless solutions are still reliant on passwords.

Going for the CISSP, CCSP or another² certification? We know that preparing for the exam is a big commitment and it can be difficult to know where to start. Confidence comes from knowing what to expect and feeling prepared.

RSA has published its latest quarterly fraud report, reinforcing the migration to more precise payment authentication methods and showing a notable spike in brand abuse attacks. Mostly notably, payment transaction volume using the 3-D Secure protocol grew more than 73% globally, while 2.x transaction volume grew 26 times in the Americas alone.

Making sure employees have a high level of knowledge around how to handle email securely at home or in the office is essential, but while the IT team may understand how important cybersecurity is, other employees may need to be convinced. Here's how to get employees invested in security awareness training in five simple steps, according to Mimecast.

In 2020, Imperva saw the highest percentage of bad bot traffic since 2014, while traffic from humans fell by 5.7%. More than 40% of all web traffic requests originated from a bot last year, suggesting the growing scale and widespread impact of bots in daily life. Advanced Persistent Bots remained the majority of bad bot traffic over the past year, amounting to 57.1%. These bots are responsible for high-speed abuse, misuse and attacks on websites, mobile apps and APIs.

Seventh Knight has developed an embedded solution with the MaaS360 technology powered by IBM. The solution helps clients secure their enterprise networks from ransomware and zero day attacks, while also providing protection to clients of any size through its MSSP reseller program and direct sales initiative. Seventh Knight announced AppMoat360, a UEM Security Service to provide control and security over the growing number of mobile and IoT devices, as well as to most Microsoft Windows environments, including Windows 10, 7, XP, Virtualized, and Server variants, which is critical to clients running a mix of modern and legacy systems.

Based on extensive analysis of real-world data risks and available through Digital Guardian's Managed Security Program, the cloud-delivered DLP service for midsize companies streamlines the deployment and management of an enterprise-grade data loss prevention program. Addressing these workforce dynamics, Digital Guardian's Managed DLP for midsize companies channel program provides time- and resource-constrained organizations with affordable, sustainable data protection that can be deployed in days and drastically reduces the risk of sensitive data loss.

The new release tests and detects any issues in the digital workspace - before the end-user experiences an outage. "Controlling unplanned changes is an ongoing, daily challenge for most enterprises," said Michael Kent, CTO of Login VSI. "Login Enterprise version 4.5 prevents any business outage, resulting from planned and unplanned changes, by continuously testing the Digital Workspace 24/7 from pre-production thru production."