Google Drive starts warning users about suspicious files

Google has announced on Thursday that it has started warning users when they open potentially suspicious or dangerous files hosted on Google Drive. “We will display a warning banner to help protect [users] and their organization from malware, phishing and ransomware. These warnings are already available when opening Google Docs, Sheets, Slides, and Drawings,” Google noted. Administrators and end users don’t have to do anything – the alerts will start appearing within 15 days. Why … More →
The post Google Drive starts warning users about suspicious files appeared first on Help Net Security. …

New infosec products of the week: January 21, 2022

Here’s a look at the most interesting products from the past week, featuring releases from Axonius, GrammaTech, Kovrr, SpyCloud, and TAC Security. Kovrr Quantum enables organizations to financially quantify their cyber risk exposure Quantum leverages multiple cyber risk models trusted by world-leading cyber insurers, to financially quantify exposure to cyber-attacks and third-party failures that can lead to significant financial loss. This empowers CISOs, Chief Risk Officers, and CIOs to make well-informed risk management decisions and … More →
The post New infosec products of the week: January 21, 2022 appeared first on Help Net Security. …

The importance of securing machine-to-machine and human-to-machine interaction

In this interview with Help Net Security, Oded Hareven, CEO at Akeyless, explains how organizations manage secrets, particularly how this practice has changed and evolved amid the rapid shift to hybrid/remote work and how it benefits organizations security wise. We have seen great changes in the last couple of years in how companies operate and organize their workflow. How have these changes altered the way they manage secrets? Indeed the way companies operate workflows has … More →
The post The importance of securing machine-to-machine and human-to-machine interaction appeared first on Help Net Security. …

Exposed records exceeded 40 billion in 2021

According to a research by Tenable, at least 40,417,167,937 records were exposed worldwide in 2021, calculated by the analysis of 1,825 breach data incidents publicly disclosed between November 2020 and October 2021. This is a considerable increase on the same period in 2020, which saw 730 publicly disclosed events with just over 22 billion records exposed. By understanding threat actor behavior, organizations can effectively prioritize security efforts to disrupt attack paths and protect critical systems … More →
The post Exposed records exceeded 40 billion in 2021 appeared first on Help Net Security. …

BT selects VMware SASE to address networking and security challenges

VMware announced an agreement with BT to offer multinational customers more choice and flexibility in how they embrace a cloud-first approach to networking, security, and edge computing. Under the terms of the agreement, BT will offer its customers VMware Secure Access Service Edge (SASE) as a global managed service, combining BT’s extensive networking capabilities and in-depth security expertise with VMware technology. The launch of the BT-managed service builds on the strong partnership between the companies. … More →
The post BT selects VMware SASE to address networking and security challenges appeared first on Help Net Security. …

Best enterprise VPN of 2022

There are quite a few VPN services oriented at offering corporations privacy, anonymity, and protection against prying eyes but not many are successful in this endeavor. In this review, we’re analyzing several of those that excel in it. Originally Posted At https://www.itproportal.com/…

New SolarWinds Serv-U vulnerability exploited in Log4j-related attacks

Attackers looking to exploit recently discovered Log4j vulnerabilities are also trying to take advantage of a previously undisclosed vulnerability in the SolarWinds Serv-U software (CVE-2021-35247). It affects version 15.2.5 and previous versions of Serv-U, and has been patched by SolarWinds in version 15.3. About CVE-2021-35247 CVE-2021-35247 is an input validation vulnerability in the Serv-U File Server’s web login screen that could allow attackers to build a query after been given some input and send that … More →
The post New SolarWinds Serv-U vulnerability exploited in Log4j-related attacks appeared first on Help Net Security. …