A new Rapid7 research found that the security of the internet overall is improving. The number of insecure services such as SMB, Telnet, rsync, and the core email protocols, decreased from the levels seen in 2019. However, vulnerabilities and exposures still plague the modern internet even with the increasing adoption of more secure alternatives to insecure protocols, like Secure Shell (SSH) and DNS-over-TLS (DoT).
The Cybersecurity and Infrastructure Agency (CISA) and the National Security Agency (NSA) have issued an activity alert due to the recent malicious cyber activity against critical infrastructure (CI) by exploiting internet-accessible operational technology (OT) assets.
With telecommuting here to stay, now is the perfect time to re-examine just how much network access you are giving your users and machines. You might be shocked to see how open your network really is. Most organizations allow more access than their users or machines will ever need or should ever have – this excessive trust is what allows attackers who get into the network to spread and cause a lot of damage.
Honeypots were the first form of deception technology. IT security researchers started using them in the 1990s, with the intent to deceive malicious actors who had made it onto the network into interacting with a false system. In this way, honeypots could gather and assess the behavior of the malicious actors. They were not created for threat detection. However, things have changed a great deal in the years since honeypots were created – including deception technology.
The United States Department of Justice charged two Chinese hackers with global computer intrusion campaign to target intellectual property and confidential business information, including COVID-19 research.
ESET announced that applications are open for the fifth annual ESET Women in Cybersecurity Scholarship. This year, ESET will award $5,000 each to three(3) young women currently enrolled as undergraduates and who major in a STEM (science, technology, engineering and mathematics) field.
John A. Wilson is now vice president and Chief Information and Security Officer at MITRE, leading the Enterprise Computing, Information, and Security organization.