With a Private CA (or “Private PKI”) solution, you can brand the certificates for your servers, devices, and users. Since the purpose of this CA is to serve your organization only, it will provide a tighter control when its Public Key Infrastructure (PKI) is used for internal user authentication. For this reason, Private PKI is immensely popular for deployment in enterprise IT, as well as cloud-native DevOps and Internet of Things (IoT) environments.
Risk Based Security released their 2020 Mid Year Data Breach QuickView Report, revealing that although the number of publicly reported data breaches stands at its lowest in five years, the number of records exposed is more than four times higher than any previously reported time period.
Over the past few months, millions of workers have turned their homes into their new, remote office, including state government employees, which brought a host of risks through use of unsecured Wi-Fi and poor access controls. This shift toward home as well as the underlying panic brought on by COVID-19 altered hackers’ focus and targets aimed at the remote worker. Chief Information Security Officers (CISO) preparing their companies for this change require time, training for employees and the right technology, as well as increased cooperation between the security teams and IT/network operations groups.
In her “Top Breaches of 2019”, a security journalist asked if last year would “…be the worst on record?” It looks like 2020 could surpass last year’s breaches, but it’s not entirely due to consequences of the global pandemic. For sure, unprecedented levels of remote working has emboldened hackers to exploit new vulnerabilities, but there’s one very insidious risk that shows up year after year: the silent and unwitting exposure of sensitive data that no one notices… until it’s too late.
The internet has become a powerful force for global interconnectivity and democratization. What’s more, the internet has introduced new methods for collective mobilization, such as “e-rebellions” and virtual protests. The global pandemic has accelerated the use of cyberspace as a powerful venue for individuals, groups, and nations to share ideas, engage, mobilize, and challenge authoritarian states in an impactful way.
The National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) released a new Cybersecurity Advisory about previously undisclosed Russian malware.
ESET researchers explored Mekotio, a banking trojan targeting Spanish- and Portuguese-speaking countries: mainly Brazil, Chile, Mexico, Spain, Peru and Portugal. Mekotio boasts several typical backdoor activities, including taking screenshots, restarting affected machines, restricting access to legitimate banking websites, and, in some variants, even stealing bitcoins and exfiltrating credentials stored by the Google Chrome browser.
(ISC)² announced the list of honorees for its 2020 (ISC)² Global Achievement Awards, which recognize and celebrate the most outstanding annual and lifetime achievements in the field of cybersecurity.
