– According to Vitali Kremez, CEO of threat intelligence company Advanced Intelligence, and James Maude, lead cyber-security researcher at security firm BeyondTrust, based on the format of the “bot_ID” field assigned to each infected host, the server was collecting data from users infected with version 1.7.2 of the RaccoonStealer malware.
– Forcepoint has added Matt Dircks, John McCormack, and Dr. John Zangardi to its board of directors. Dircks is CEO of BeyondTrust, McCormack is an Operating Partner at Teleo Capital, and Zangardi is president of Redhorse Corporation.
– Morey Haber, CTO & CISO at BeyondTrust, said, “The most critical step organizations should perform when trying to protect their data is to adopt a least privilege strategy for all access to sensitive data and supporting resources. As a part of privileged access management, least privilege ensures that only the appropriate privileges are given to data, systems, applications, and resources, on a need-to-know basis, to prevent excessive privileges from being used to compromise a sensitive resource. This prevents lateral movement and protects against inappropriate access by delegating access to only the owners of data and not employees or machine identities at large.”
– “With recent attacks infiltrating the supply chain and ransomware now infecting hypervisors without any end-user interaction, businesses must step up their security to thwart modern attacks but at a risk of becoming numb and complacent to the constant onslaught of exploits. Realistically, many security professionals are burning out from the barrage of attacks and never-ending responses. Unfortunately, we now have another exploit to deal with and the damage is devastating.”
– In 2020, there were a total of 196 Critical vulnerabilities reported. Interestingly though, 109 (that is 56%) of them could have been mitigated if one simple action had been taken: the removal of administrator rights.
– 1. Prioritize Privileged Access Management (PAM) across the vaccine supply chain, ensuring least privilege access to sensitive data starting with IP. CISA’s note finds that there have been multiple attempts at capturing privileged credentials, which often have broad access privileges and are frequently left standing open.
– In recent years, cyberattacks on critical OT (Operational Technology) infrastructure have literally exploded, with a 2000% increase according to the latest IBM X-Force report! So how do you secure remote access to an organization's network, with a large number of operators, subcontractors and suppliers, without using a VPN, without compromising processes and business continuity, or penalizing productivity?
– “Jeff’s experience includes a mix of enhancing existing Partner Programs and building new ones. This background is ideal for where BeyondTrust is heading as a company,” said Dee Dee Acquista, BeyondTrust’s senior vice president of Global Channels.
– While threat actors have always taken the path of least resistance, that strategy has been shifting in the wake of digital transformation and the massive increase in remote work that have multiplied the number of privileges agencies need to manage.
– BeyondTrust released DevOps Secrets Safe 21.1. The new release includes enhanced functionality for dynamic accounts and just-in-time (JIT) access controls in cloud environments which enterprises continue to adopt when managing privileged accounts. With BeyondTrust DevOps Secrets Safe,