According to a 2021 report by Verizon, almost half of all cyberattacks target businesses with under 1,000 employees. This figure is steadily rising as small businesses seem to be an easy target for cybercriminals. 61% of SMBs (small and medium-sized businesses) were targeted in 2021. But why are small businesses highly vulnerable to cyberattacks? We are looking into where the vulnerabilities are and what small businesses can do to protect themselves.

Banning apps is sometimes necessary to protect your organization from malicious or misused applications. In particular, leaky apps can be a significant threat, and identifying and banning them is an essential app security measure. Some organizations choose a more flexible approach by allowing employees to use unsanctioned apps and monitor their usage for suspicious activity. Yet others don’t monitor employee app use at all, which is the riskiest approach imaginable.

A Docker container is a portable software package that holds an application’s code, necessary dependencies, and environment settings in a lightweight, standalone, and easily runnable form. When running an application in Docker, you might need to perform some analysis or troubleshooting to diagnose and fix errors. Rather than recreating the environment and testing it separately, it is often easier to SSH into the Docker container to check on its health.

Backstage is a platform for building developer portals. Originally developed internally at Spotify, it’s now open source and available through GitHub. Backstage allows DevOps teams to create a single-source, centralized web application for sharing and finding software (through the software catalog feature), as well as templates and documentation.

A zero-day vulnerability (CVE-2023-5129) in the WebP image library is being actively exploited, putting major browsers and scores of additional apps at risk.

Observability and security are converging, benefiting dev and security teams. Runtime observability is the missing component to this important endeavor, providing much-needed data and insights to DevSecOps and AppSec teams.

The online playing field for businesses in multiple niches has expanded, with the internet enjoying an overarching presence in various facets. New and larger markets have become more accessible through online platforms. All an established business needs is computer-based tools and an internet connection that won’t falter. Expansion is often rewarding but has its fair share of risks; thus, melding a nice blend of cybersecurity with a growing company is the safe way to go about it.

Containers have gained significant popularity due to their ability to isolate applications from the diverse computing environments they operate in. They offer developers a streamlined approach, enabling them to concentrate on the core application logic and its associated dependencies, all encapsulated within a unified unit.

In a previous webinar, we discussed the importance of ensuring that your enterprise is cyber resilient and the politics around establishing a thriving cybersecurity practice within your organization. This week’s discussion covers specific tactics and solutions you can implement when you begin this initiative — watch the full webinar replay to learn more about how Cribl supports your cyber resiliency efforts.

Network detection tools utilize one of two prominent approaches for threat detection: AI-driven behavior-based methods capable of identifying early indicators of compromise, and signature-based ones, which flag known attacks and common CVEs. While these systems operate on distinct principles, their combination forms more robust defense mechanism, helps to consolidate tools, provides richer threat context and improves compliance.

In this article, we explained the benefits of combining signature-based detection by Suricata IDS with behavior-based detection by Flowmon ADS. Now, let’s talk about how to enable this feature using Flowmon Probe and Flowmon ADS.

In this live stream, Cjapi’s James Curtis joins me to discuss the challenges of building a distributed global security team. Watch the full video or read on to learn about some hard-won examples of how to be successful with remote team building and management. Talent is hard to find, and companies are hiring from all over the world to build the best teams possible, but this trend has a price.

The Internet of Medical Things (IoMT) has revolutionized the healthcare industry, connecting medical devices to the internet and allowing for greater patient care. However, with this new technology comes new security threats. Hospitals must be aware of these risks and understand how to find, fix and secure connected medical devices to protect their patients from cyberattacks.

Although IT teams and MSPs continue to ramp up their security efforts, ransomware attacks show no signs of slowing down. Statistica’s ransomware report shows that in 2022, there were approximately 493.3 million ransomware attacks, and while this is a decrease from the 625.3 million attacks that occurred in 2021, it’s still higher than all the other years in the last decade.

In this blog post, we describe how one backbone service provider uses Kentik to identify and root out spoofed traffic used to launch DDoS attacks. It’s a “moral responsibility,” says their chief architect.

A Key Management Service (KMS) is used to create and manage cryptographic keys and control their usage across various platforms and applications. If you are an AWS user, you must have heard of or used its managed Key Management Service called AWS KMS. This service allows users to manage keys across AWS services and hosted applications in a secure way.

FIPS compliant cipher suites hold the U.S. government's seal of approval, guaranteeing their suitability for federal systems. On the other hand, non-FIPS compliant cipher suites may present security vulnerabilities due to outdated cryptographic algorithms and potential lack of perfect forward secrecy. As a result, it becomes paramount to monitor TLS network traffic for non-FIPS compliant cipher suites.

Now available: Cisco Secure Application delivers business risk observability for cloud environments.

BitLocker has long been the standard when it comes to disk encryption for your devices running Microsoft Windows operating systems—particularly on workstations and laptops. It’s designed to protect data by encrypting the entire disk drive on which the OS and user data are stored. This encryption ensures that even if someone physically steals or accesses your computer, they won’t be able to get to the data on the encrypted drive without the appropriate decryption key.

As cyber threats get more sophisticated, cybersecurity becomes a top concern for organizations. In this context, MSPs face an unenviable task: they manage the IT infrastructure and services of multiple customers—often small and medium businesses, which tend to be cybercriminals’ preferred targets. This job is being made even more challenging due to the increased use of Internet of Things (IoT) devices and Bring Your Own Device (BYOD) policies in modern workplaces.

Organizations are responding to the changing cybersecurity landscape. And zero trust is at the heart of this change, with 68% of respondents saying they’re planning or actively working towards adopting a zero trust access model. In collaboration with Cybersecurity Insiders, Ivanti surveyed 421 US-based IT and cybersecurity professionals to identify the latest enterprise adoption trends, challenges, gaps and solution preferences related to zero trust security.

Additionally, We didn’t need to make any changes to our infrastructure, except for adding the certificate and keys to the entities originating the requests from our private subnets. See below for troubleshooting techniques which can be useful when setting up mTLS..

While cyber threats are certainly continuously evolving, the fact is most intrusions still rely on basic, tried-and-true techniques. Who needs to burn a zero-day if guessing commonly used passwords or exploiting passwords used across multiple accounts can give you easy access? Brute force attacks continue to be an incredibly common threat that organizations face.

If your IT team is struggling to accomplish its lengthy to-do list, implementing detection and response solutions may be one step you can take to improve efficiency and reduce workload. Endpoint security solutions like Managed Detection Response (MDR) and Extended Detection and Response (XDR) can help you maintain and monitor your endpoints and other parts of your infrastructure, a very necessary capability in modern cybersecurity.

Azure Key Vault is Microsoft’s dedicated cloud service, designed to safeguard cryptographic keys, application secrets, and other sensitive data. In an era where digital security is paramount, it functions as a centralized repository. Here, sensitive data is encrypted, ensuring that only designated applications or users can access them. Imagine having a hyper-secure, digital vault where you can store all your essential digital assets.

As a wise man once said, never ask a goat to install software, they’ll just end up eating the instructions. It may appear that the pesky goats have eaten some of those instructions or eaten too many sticker bushes to keep up with recent Microsoft Sentinel changes if you’ve tried configuring the CEF and Azure Connected Machine Agents. This guide is for you whether you have spent considerable time trying to get these agents to work or just dabbling in the Sentinel waters!

Data collection has become an increasingly essential tool for businesses, allowing them to gather insights about their customers and employees. But it also raises the question of ethics: what data should be collected, how should it be used and who should have access to it? In this article, we'll explore the ethical implications of collecting employee experience data through telemetry.

As an IT professional or a Managed Service Provider (MSP), the task of managing user accounts on a network of Mac computers can be quite challenging. Imagine needing to repurpose a device, troubleshoot extensive issues, or ensure sensitive data is completely removed—these are daunting tasks that could require a significant amount of time and resources. This is where the 'Wipe a Mac Hard Drive Remotely' bash script comes into play.

Have you ever wondered how to keep your digital assets truly secure in a world where cyber threats seem to evolve quicker than cybersecurity measures? If so, you might want to consider adopting a Zero Trust security model. Far from being a buzzword, Zero Trust has emerged as a holistic approach to cybersecurity that operates on a straightforward principle: “Never Trust, Always Verify”.

This tale is based on an actual event that happened to one of our Cribl Search customers. It highlights a massive gap between the urgent needs of modern businesses and the outdated, draconian terms dictated by traditional SIEM vendors. While the events are real, a touch of dramatization was added for the fun of it. Why not?

If you’re delivering software in a regulated environment, or deploying to a critical application or device, ensuring the security of your software code and dependencies is essential. One of the most popular tools for achieving this is Snyk, which gives developers the ability to find and fix vulnerabilities as part of their development workflow.

In today's era of data security, the proper disposal of data on hard drives is crucial. For IT professionals and Managed Service Providers (MSPs), having reliable tools for these tasks is essential. In this blog post, we're diving into the details of a versatile PowerShell script designed for secure and efficient disk wiping. We'll also provide essential tips to ensure its successful execution and data removal.

Learn all about how Cloudsmith ensures robust cloud-native software artifact management, emphasizing authentication, license compliance, and vulnerability mitigation, all while maintaining a holistic approach to security.

In the rapidly evolving world of healthcare technology, the Health Insurance Portability and Accountability Act (HIPAA) stands as a beacon of data privacy and security. For software developers operating in this domain, understanding and adhering to HIPAA isn’t just a regulatory mandate—it’s a commitment to patient trust and safety. With the increasing reliance on version control systems in software development, choosing the right Git client becomes paramount.

Welcome to the Calico monthly roundup: August edition! From open source news to live events, we have exciting updates to share—let’s get into it!

The information gap is broadening. According to Ivanti’s 2023 Press Reset cybersecurity report, over 50% of surveyed security professionals said their organizations hadn’t experienced a phishing incident in the last 24-months – despite virtually every organization getting phished in 2022!