Posts

Showing posts from November, 2019

Data security and automation top IT projects for 2020, AI not a priority

Image
  Data security and automation are the top IT projects for 2020, while artificial intelligence projects are not in the top 10 for IT professionals, according to Netwrix. The online survey asked 1045 IT professionals worldwide to name their top five IT projects for the next year; they could pick from a predefined list or specify their own descriptions. The survey found no dramatic difference in IT priorities among organizations based on size or vertical. Top IT projects for 2020 74% of organizations named data security as their top IT priority for 2020 54% of respondents plan to focus on automating manual tasks 43% of organizations ranked data privacy among their top five priorities; 52% of them are subject to privacy regulations 33% of organizations intend to focus on digital transformation, integrating their existing solutions and performing  cloud migrations . These goals were mostly cited by larger organizations with more than 5,000 employees 20% of organizations plan to fo...

Thousands of hacked Disney+ accounts are already for sale on hacking forums

Image
  Hackers began hijacking accounts hours after Disney+ launched earlier this week. Hackers didn't waste any time and have started hijacking Disney+ user accounts hours after the service launched. Many of these accounts are now being offered for free on hacking forums, or available for sale for prices varying from $3 to $11, a investigation has discovered. A STREAM OF USER COMPLAINTS The Disney+ video streaming service launched this week, on November 12. The service, although being available only in the US, Canada, and the Netherlands, has already amassed more than 10 million customers in its first 24 hours. The Disney+ launch was marred by technical issues. Many users reported being unable to stream their favorite movies and shows. But hidden in the flood of complaints about technical issues was a smaller stream of users reporting losing access to their accounts. Many users reported that hackers were accessing their accounts, logging them out of all devices, and then changing ...

Microsoft describes its own DevOps journey

Image
  This is what DevOps looks like inside one of the world's biggest software factories. The goals: more collaboration, improved worklives. n this cloud-drenched era, software vendors have evolved from code-and-ship operations into 24x7 data center operators. So they, perhaps more than any other type of organization, need DevOps methodologies to keep development and operations efforts on track, pumping out releases with blinding frequency, while keeping teams in constant sync. For that reason, Microsoft, perhaps the world's largest software factory, takes DevOps very seriously. In a recent  post , Ori Zohar, senior product marketing manager for Microsoft Azure, describes the urgency for his companies to build and perfect its DevOps culture. "From Office, to Azure, to Xbox we also found we needed to adapt to a new way of delivering software," he explains. "The new era of the cloud unlocks tremendous potential for innovation to meet our customers' growing demand ...

Microsoft warns users to stay alert for more BlueKeep attacks

Image
  Microsoft: BlueKeep exploit will likely be used to deliver payloads more impactful and damaging than coin miners. Microsoft's security team believes that more destructive BlueKeep attacks are on the horizon and urges users and companies alike to apply patches if they've been lagging. The company's warning comes after security researchers detected the first-ever malware campaign that weaponized the BlueKeep vulnerability. The attacks, which were detected last weekend, used BlueKeep to break into unpatched Windows systems and install a cryptocurrency miner. Many security researchers considered the attacks underwhelming and not living up to the hype that was built around BlueKeep for the past six months. This was because Microsoft said BlueKeep could be used to build wormable (self-spreading) malware. However, the attacks that happened over the weekend did not deploy malware that could spread on its own. Instead, attackers scanned the internet for vulnerable systems and at...

The nastiest ransomware, phishing and botnets of 2019

Image
  Webroot released its annual Nastiest Malware list, shedding light on 2019’s worst cybersecurity threats. From ransomware strains and  cryptomining  campaigns that delivered the most attack payloads to phishing attacks that wreaked the most havoc, it’s clear that cyber threats across the board are becoming more advanced and difficult to detect. Ransomware Ransomware continued to see success by evolving a more targeted model initially adopted in previous years. SMBs remain a prime target as they struggle with limited security budget and skills. Whether its phishing attacks targeting employees or brute forcing unsecured RDP, ransomware is as effective as ever, cementing its place on our list for another year. The nastiest include: Emotet – Trickbot – Ryuk (“Triple Threat”)  – One of the most successful chains of 2019 in terms of financial damages. These strains have shifted their focus to more reconnaissance-based operations. They as...