DATA SECURITY

Microsoft Exchange Server uncovered huge number of associations to cyber attack

informationsecurity | March 08, 2021

In any event 30,000 associations across the United States have been undermined through four newfound weaknesses affecting Microsoft's Exchange Server email programming.

In every occurrence, the assailants abandoned a web shell: a secret word ensured hacking apparatus that can be gotten to over the Internet from any program, giving authoritative admittance to the casualties' workers.

Microsoft delivered security updates to address the bugs on second March, and prompted clients utilizing Exchange Server to fix the frameworks as most punctual as could really be expected.

Nonetheless, apparently the updates incited the Chinese gathering - which Microsoft has named 'Hafnium' - to venture up its assaults on workers that have not been fixed.

Security scientists have now cautioned that Microsoft's security patches can't sanitize frameworks that have effectively been hacked.

Spotlight

The usage and applicability of Information and Communication Technology (ICT) is increased from the past three decades. Monitoring Quality-of-Service (QoS) pertaining to networks is a major challenge for the researchers and academicians. Bandwidth, latency, jitter and loss of data and security are some of the important parameters related to the network QoS. Especially security plays an important role regarding data confidentiality in wired or wireless networks are concerned. Particularly, there is a need to strengthen the authentication process in Wireless Local Area Network (WLAN).

Spotlight

The usage and applicability of Information and Communication Technology (ICT) is increased from the past three decades. Monitoring Quality-of-Service (QoS) pertaining to networks is a major challenge for the researchers and academicians. Bandwidth, latency, jitter and loss of data and security are some of the important parameters related to the network QoS. Especially security plays an important role regarding data confidentiality in wired or wireless networks are concerned. Particularly, there is a need to strengthen the authentication process in Wireless Local Area Network (WLAN).

Related News

PLATFORM SECURITY

Cerberus Sentinel completes acquisition of CyberViking

Cerberus Sentinel | July 07, 2022

Cerberus Cyber Sentinel Corporation (NASDAQ: CISO), a cybersecurity consulting and managed services firm based in Scottsdale, Ariz., announced that it has completed the acquisition of CyberViking, a cybersecurity company based in Georgia and Oregon. Upon the closing of the transaction, CyberViking became a wholly owned subsidiary of Cerberus Sentinel. CyberViking founder and cyber lead for the company is Carric Dooley. CyberViking specializes in application security services, incident response and threat hunting, and the creation and management of security operations centers. They have advised many Fortune 100 companies worldwide. "With the addition of CyberViking, we take a next step in expanding our international reach as well as broadening our expertise for our cybersecurity healthcare and industrial controls systems customers. "Carric is an innovative thinker who is well respected by customers for solving and preparing for challenging cybersecurity threats. The team is the very embodiment of our commitment to a culture of security." David Jemmett, founder and CEO, Cerberus Sentinel "We are looking forward to helping shape a global strategy for incident response, as well as driving new capabilities in application security," said Dooley. "We believe in the development of the cybersecurity community and have actively participated as trainers and presenters at global conferences. Our two organizations share a vision in helping our customers rise above the cybersecurity challenges inherent in threats today and in the future, and to get them to a place where they can concentrate on growing their business." About Cerberus Sentinel Cerberus Sentinel is an industry leader in Managed Cybersecurity and Compliance (MCCP) services with its exclusive MCCP+ managed compliance and cybersecurity services plus culture program. The company is rapidly expanding by acquiring world-class cybersecurity, secured managed services, and compliance companies with top-tier talent that utilize the latest technology to create innovative solutions to protect the most demanding businesses and government organizations against continuing and emerging security threats and compliance obligations.

Read More

DATA SECURITY

SentinelOne and Cribl Partner to Deliver Data Flexibility Across Cybersecurity and Observability

Cribl | August 04, 2022

Cribl, the leader in enabling open observability, today announced a new partnership with SentinelOne, an autonomous cybersecurity platform company. The partnership enables SentinelOne customers to leverage Cribl's observability product suite to streamline cybersecurity triage, optimize data collection, and provide security teams control of their data. By integrating Cribl's observability product suite with Singularity XDR, SentinelOne customers can now unlock the value of all observability data. Key benefits include the ability to: 1) Operationalize endpoint and extended detection and response (EDR & XDR) of data sources in joint customer environments, 2) Streamline for triage and investigative functions in the Security Operations Center (SOC), and 3) Progress cybersecurity programs with enhanced threat intelligence, threat hunting, and adversary simulation. "Today's cybersecurity risk levels are increasingly associated with the ability to understand data across enterprise assets. "Our partnership with Cribl helps optimize data collection at scale, enabling security teams to minimize risk and save time." Chuck Fontana, SVP Business Development at SentinelOne "We're excited to partner with the SentinelOne team," said Zac Kilpatrick, VP of Channel and Alliances at Cribl. "To keep up with persistent threats and the ever-changing security landscape, SOC activity must move from reactivity to proactivity. SentinelOne's autonomous and proactive approach to cybersecurity is differentiated in the market and aligns with Cribl's objective of optimizing analytics platform cost and performance." Integration with SentinelOne's Cloud Funnel Cribl's product suite now integrates with SentinelOne's Cloud Funnel, a data subscription enabling XDR data to be stored locally in an enterprise's data lake. This solution works with any data type, such as file, process, DNS, flow, behavioral, registry, commands, scripts, and more. Cloud Funnel's flexibility provides SentinelOne customers the ability to choose which data type they need, optimize it to find the right signal, and route it for maximum efficiency - all at machine speed. Integration with DataSet Cribl Stream now supports SentinelOne's DataSet as a destination to seamlessly route data from legacy log analytics solutions. DevOps and IT teams choose DataSet to analyze data in real-time, effortlessly scale to petabytes, and cost-effectively retain data for longer periods of time for compliance and audit purposes. The new integration enables Cribl customers to pipeline their data to DataSet without changing their data instrumentation, collection, and ingestion. SentinelOne and Cribl will also continue bringing new offerings to market, including integrating Cribl Stream into SentinelOne's Singularity XDR platform. About Cribl Cribl makes open observability a reality for today's tech professionals. The Cribl product suite defies data gravity with radical levels of choice and control. Wherever the data comes from, wherever it needs to go, Cribl delivers the freedom and flexibility to make choices, not compromises. It's enterprise software that doesn't suck, enables tech professionals to do what they need to do, and gives them the ability to say "Yes." With Cribl, companies have the power to control their data, get more out of existing investments, and shape the observability future. Founded in 2017, Cribl is a remote-first company with an office in San Francisco, CA.

Read More

SOFTWARE SECURITY

Legal Industry Leader HBR Managed Services Partners with Tanium to Enhance Security and IT Services Capabilities

HBR Consulting | August 16, 2022

HBR Managed Services (HBR), a comprehensive strategy, operations and technology consulting firm focused on the legal industry, today announced its partnership with Tanium, the industry's only provider of converged endpoint management (XEM) for complex security and technology environments. Recognizing that law firms are attractive targets for cyber criminals, HBR is leveraging the Tanium platform to provide IT operations management, IT asset discovery, and security threat response to manage system updates at scale, thereby helping the firm's IT managed services and network operating center (NOC) clients reduce risk and operating costs. "The Tanium platform allows us to automate patching of OS and applications on servers and workstations, whether those endpoints are attached to a firm's network or not," said Bill Elser, vice president of engineering services at HBR. "That's critical in today's hybrid environment, allowing us to quickly prevent or remediate security or other operational issues by deploying registry changes and executing scripts." "The legal field faces unique challenges not only to protect the integrity and reputation of individual firms, but to safeguard the various constituencies they serve. "Tanium is keenly aware of the heightened risks the industry faces and we are proud to align with a leader like HBR as they work to secure the interests of their clients. We look forward to expanding this long-term partnership as they continue to grow." Todd Palmer, SVP of partner sales of Tanium "We're pleased to add Tanium to our roster of best-in-class vendor partners," added Chris Petrini-Poli, HBR's executive chairman. "HBR is committed to continually innovating services and partnering with best-in-class tool providers. Throughout the past year, we've been investing in relationships that will help us continue to provide exceptional, cost-effective service to our clients. We're proud to be on the leading edge of using top-of-the-line technology that ensures a continuously updated and monitored, safe and secure IT environment, while allowing HBR's team to operate as efficiently as possible." About HBR Consulting HBR Consulting (HBR) provides law firms and corporate law departments with strategic guidance, operational improvement, and technology solutions that drive innovation while managing cost and mitigating risk. HBR's proven combination of experience, relationships, and insights—spanning the legal ecosystem—delivers sustainable financial and competitive advantages for its clients. Visit www.hbrconsulting.com and follow HBR on LinkedIn and Twitter. About Tanium Tanium, the industry's only provider of converged endpoint management (XEM), leads the paradigm shift in legacy approaches to managing complex security and technology environments. Only Tanium protects every team, endpoint, and workflow from cyber threats by integrating IT, Compliance, Security, and Risk into a single platform that delivers comprehensive visibility across devices, a unified set of controls, and a common taxonomy for a single shared purpose: to protect critical information and infrastructure at scale. Tanium has been named to the Forbes Cloud 100 list for six consecutive years and ranks on Fortune's list of the Best Large Workplaces in Technology. In fact, more than half of the Fortune 100 and the U.S. armed forces trust Tanium to protect people; defend data; secure systems; and see and control every endpoint, team, and workflow everywhere. That's the power of certainty.

Read More