Security News

Online criminals have increasingly targeted Remote Desktop Protocol connections over the past year, according to infosec biz ESET. During calendar 2020, ESET recorded what it said was a 768 per cent increase in attack attempts on RDP, a key Windows feature for remote working, during the course of the year. Roman Kováč, ESET's chief research officer, said in a statement: "RDP security is not to be underestimated especially due to ransomware, which is commonly deployed through RDP exploits, and, with its increasingly aggressive tactics, poses a great risk to both private and public sectors."

Microsoft will introduce this month a new security alert that will notify enterprise security teams when an employee is being targeted by suspected nation-state attackers. " attacks represent some of the most advanced and persistent threat activity Microsoft tracks.

Employees commonly and inadvertently compromise company data through poor password hygiene, accidental data sharing, improper technology use, phishing scams, and more. Some employees will also act maliciously, intentionally stealing company data for profit, retribution, or fun.

Threat Stack announced new capabilities that help security teams quickly detect and remediate threats in cloud infrastructure. Threat Stack now enriches Linux host and container events in real time with EC2 metadata like VPC, security group, and DNS names.

The dynamic nature of cybersecurity, the changes in the threat landscape, and the expansion of the attack surface lead organizations to add more security solutions-from different vendors-creating a layered security infrastructure that introduces new challenges to any team, with a much more significant impact on small ones. Sophisticated attacks continue to bypass these advanced security layers while FOMO compels security teams to evaluate every new solution that comes out.

Organizations with a remote workforce that rely on Microsoft Teams for a centralized workplace for collaboration, can add best-in-class Encryption and Rights Management to ensure automatic protection of sensitive data shared and accessed from Microsoft Teams. Seclore for Microsoft 365 offering allows organizations to automatically add persistent, granular usage controls to sensitive documents worked on in Microsoft Teams channels.

Cybersecurity company Cynet just released findings from a survey of 200 CISOs in charge of small security teams to shine "a spotlight into the challenges of small security teams everywhere." In addition to better understanding the challenges these CISOs face, the 2021 Survey of CISOs with Small Security Teams delves into the strategies CISOs will employ to ensure their organizations are protected from the ongoing onslaught of cyber threats - all while saddled with limited budgets and headcount.

Pwn2Own Vancouver typically takes place during the CanSecWest conference in Vancouver, Canada, but due to the coronavirus pandemic, this year's event will be hybrid - participants can submit their exploits remotely and ZDI staff in Toronto and Austin will run the exploits. The car is being offered to those who participate in the automotive category.

"Despite the challenges of accelerated digital transformation timelines, this year has provided many lessons for IT and business leaders. One of the most important being the optimization of the best management and security practices for our cloud-native future of working-from-anywhere." 83% of IT leaders with in-house security teams are now considering outsourcing their security efforts to an MSP in 2021.

Companies with small security teams, generally SMEs, are facing a number of unique challenges, placing these organizations at greater risk than their larger enterprise counterparts, according to Cynet. In this survey of 200 CISOs at SMEs with five or fewer security staff members and cybersecurity budgets of $1 million or less, it was found that a majority of these organizations were overwhelmed by the endless volley of cyber attacks.