API authentication failures demonstrate the need for zero trust

The use of application programming interfaces (APIs) has exploded as businesses deploy mobile apps, containers, serverless computing, microservices, and expand their cloud presence. Consequently, many APIs are developed and deployed very quickly, leading to the persistence of coding errors, with poor authentication practices numbering among the top offenses. APIs are stateless in nature, and any […]

Continue Reading

65% of companies are considering adopting VPN alternatives

Despite high awareness of VPN risks, remote work forced many companies to rely more heavily on legacy access methods during the pandemic. At the same time, cybercriminals continue to take advantage of long-standing security vulnerabilities and increased attacks on VPNs, according to Zscaler’s VPN Risk Report. “As evident in several high profile breaches and ransomware […]

Continue Reading

Why zero trust should be the foundation of your cybersecurity ecosystem

For cybersecurity professionals, it is a huge challenge to separate the “good guys” from the “villains”. In the past, most cyberattacks could simply be traced to external cybercriminals, cyberterrorists, or rogue nation-states. But not anymore. Threats from within organizations – also known as “insider threats” – are increasing and cybersecurity practitioners are feeling the pain. […]

Continue Reading

Introducing the book: Project Zero Trust

In this Help Net Security video interview, George Finney, CSO at Southern Methodist University, talks about his latest book – “Project Zero Trust: A Story about a Strategy for Aligning Security and the Business“. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the […]

Continue Reading

20/20 visibility is paramount to network security

Infoblox announced the results of a Forrester Consulting study, which found IT leaders around the world share a ubiquitous appetite for greater network visibility. The findings underscore a convergence in security with networking, which IT decisionmakers now view as the missing strategy that will improve security response, automate compliance tasks, and better manage processes and […]

Continue Reading

Smishing, Ukraine et WordPress : panorama Infoblox des cybermenaces du 2ème trimestre 2022

Les cybercriminels continuent à cibler tous les secteurs d’activité et notamment la santé et la finance. En témoignent les dernières cyberattaques visant l’Ehpad de Beuzeville dans l’Eure et le Centre hospitalier Sud Francilien (Essonne).  The post Smishing, Ukraine et WordPress : panorama Infoblox des cybermenaces du 2ème trimestre 2022 first appeared on UnderNews.

Continue Reading