Securing the cloud for healthcare
Recent warnings and actual attacks are a prominent example of the active and persistent threats to our global healthcare networks, economy, and connected infrastructure.
UK airline easyJet data breach impacts 9M customers – expert commentary
Matt Walmsley provide commentary on the EasyJet breach and why transportation, as part of critical national infrastructure, is a tempting target for cybercriminals.
EasyJet Hack: Security Expert Reactions
Learn why although the EasyJet breach is significant, there may not be a fine during this global healthcare crisis, where the transportation industry is already hurting.
ICO a ‘toothless tiger’ claim commentators, as EasyJet breach
Learn why even though the EasyJet breach exposed 9 million user, there may not be fines for this compromise.
Here’s what security professionals took away from Verizon’s annual data breach report
Chris Morales talks to SiliconANGLE on why the threat landscape has dramatically shifted over the last few months and that this threat landscape that might be more permanent than temporary.
9 Million Customer Records Compromised in EasyJet's Cyberattack
Chris Morales provides his perspective on how the EasyJet breach occurred—most likely the compromise of a web facing application like the travel booking system.
EasyJet data breached: over 9 million customers affected
Matt Walmsley discussed why there may be no fines for EasyJet during this global health crisis.
Verizon 2020 Data Breach Report: Money Still Makes the Cyber-Crime World go Round
Verizon's latest data breach report shows that financial gain is still the key driver for cybercrime. Our own Chris Morales discuses that with the global pandemic and people working from home, and using SaaS apps that the attack vectors may forever change the landscape.
“Highly sophisticated” EasyJet Hack Compromises Personal Data of 9 Million People
“Even if EasyJet were found to be significantly accountable by the ICO, I doubt there would be much appetite for a big GDPR fine when the sector is already on its knees,” says Matt Walmsley, EMEA Director at Vectra.
Verizon 2020 DBIR: More Extensive, More Detailed and More Thorough Than Ever
Read about the Verizon's 2020 Data Breach Investigations Report (DBIR) with 81 contributing organizations, and more than 32,000 incidents analyzed (of which 3,950 were confirmed breaches).
Verizon: Breaches Targeting Cloud-Based Data Doubled in 2019
In response to the latest Verizon data breach report, our Chris Morales talks about why he expects new breach trends to emerge in 2020 as a result of the pandemic's impact with the uptick in use of apps like Zoom and other SaaS apps.
Why Partnerships in the Cybersecurity Sector are So Important
Since no one vendor can provide full security coverage, Matt Walmsley explains why partnerships in cybersecurity are critical to helping detect and remediate threats quickly.
The cybersecurity experts defending the UK against elite coronavirus hackers
With the current global health emergency, research and data from universities and healthcare orgagnisations has become extra valuable and has thus become a target for attacks.
8 Supply Chain Security Requirements
"Quite often risks have more to do with operational process, such as storing in an exposed database in the cloud, than it does with a flaw or vulnerability in code," says Chris Morales, head of security analytics at Vectra.
British Supercomputer ARCHER Suffers Cyberattack
The British Supercomputer used for academic research by Universities operating in the U.K. has been hit by a cyberattack, forcing the admin to reset all user passwords and SSH keys.
UK Supercomputing Service ARCHER Still Offline After Monday Attack
The UK Supercomputing Service ARCHER is likely still offline due to the need to reissue keys and passwords to all researchers, according to Chris Morales, head of security analytics at Vectra.
Pitney Bowes Hit with Second Ransomware Attack
Tim Wade, technical director, CTO Team at Vectra, urged caution not to make hasty assumptions about Pitney Bowes’ security capabilities without understanding the full context of the two ransomware incidents.
AiThority Interview with Hitesh Sheth, CEO at Vectra
"Digital Transformation can become a task rife with complexities and it is no surprise that security risks become a byproduct of that," Hitesh Sheth, Vectra CEO
Is Passwordless Authentication the Future?
"It’s important to consider that an effective authentication system must also account for effective credential revocation and replacement as much as credential strength – there are few things more trivially revoked and replaced than the knowledge inside someone’s head," Tim Wade, Technical Director, CTO Team at Vectra.
Expert Advice During World Password Day 2020
Is passwordless authentication the future? Hear from security experts including our own technical director of the CTO Team, Tim Wade.
World Password Day 2020: Passwordless, Credential Stuffing, and Password Managers
World Password Day 2020 continues as cybersecurity experts from around the world discuss the topics at the forefront of password security. These include passwordless authentication, credential stuffing attacks, password managers, and more.
GoDaddy Confirms Data Breach - 28,000 Customers Affected
Our own Matt Walmsley comments on the GoDaddy data breach and why it's critical to monitor how privileged credentials are used.
CISA and NCSC Publish Advisory on APT Groups Targeting Healthcare and Essential Services
Chris Morales, head of security analytics at Vecta, discusses why strong passwords are not enough to to defend against password spraying.
Secure home office: Vectra points to 8 key aspects
Andreas Müller , Director of the DACH region at Vectra , explains which 8 aspects currently need to be considered for securing the remote workforce.
GoDaddy confirms October data breach impacted hosting accounts
Data breaches serve as a good reminder for all that the monitoring of privileged credentials is critical and can make the difference between detecting an active attack and being unaware of a breach.
GoDaddy Takes Seven Months to Discover Data Breach
“It’s unclear whether GoDaddy’s reported incident was because of the re-use of previously stolen credentials or from brute force attacks," says Matt Walmsley, EMEA Director at Vectra.
GoDaddy Data Breach Shows Why Businesses Need to Better Secure Their Customer Data
"Regardless of how the unauthorized access was gained, it's a sharp reminder that the monitoring of how privileged credentials are used, not just granted, can make the difference between detecting an active attack and being blissfully ignorant to a breach," says Matt Walmsley, EMEA director at Vectra.
APT groups targeting healthcare organisations, NCSC warns
In light of the recent warnings by the National Cyber Security Centre and the U.S. Department of Homeland Security of attacks targeting healthcare organisations, Chris Morales, Vectra's head of security analytics, comments to teiss on why techniques like password spraying continue to work and are used for opportunistic access,
Why partnerships in the cybersecurity sector are so important
Matt Walmsley, head of EMEA marketing at Vectra, explains why partnerships in the cybersecurity sector are so important.
APT Groups Targeting Healthcare Organisations, NCSC Warns
Chris Morales, head of security analytics at Vectra, said that the password spraying is a highly opportunistic technique that continually works because passwords are commonly reused across multiple services.
COVID-19 Contact Tracing Apps: Effective Virus Risk Management Tools or Privacy Nightmare
Learn about contact tracing apps and the potential dangers for misuse. While they could be a way to aid in efficiently recognizing and quarantining only those people who are infected or at risk of being infected during this pandemic, it also brings up privacy concerns and how that data is going to be collected, and used for the future and if people even understand the risks.
The attacker and the data centre
Our own Matt Walmsley talks to ITProPortal on how attackers access the data centre and why early detection can make the difference between a contained incident or a successful takeover.
Over 40% security pros lack tools needed to fight cyber attacks, finds ISACA
As security teams adapt to the increase in remote working, things like RDP / VDI, VPN, and SaaS application usage, have expanded the remote access attack surface that needs protecting and monitoring, and of which many organisations have limited visibility.
How ransomware attacks are making the most of the COVID-19 crisis [Q&A]
"What's scary is the access you need to encrypt a network file is the exact same access you need to copy all the data and move it somewhere else," says Chris Morales, head of security analytics at Vectra.
Technado, Ep. 149: Vectra’s Chris Morales
Chris Morales, Head of Security Analytics at Vectra, joined this podcast to talk about incident response and threat management programs.
COVID-19: Summer Internships Aren't Going Away, But They May Look Very Different This Year
CEO Hitesh Sheth strongly supported a virtual internship program, says Woody Garrett, director of talent acquisition at Vectra.
Millions of Brute-Force Attacks Hit Remote Desktop Accounts
“The risk of poorly secured RDP access is real, with well-established threats ranging from opportunistic ransomware to more targeted attacks,” says Tim Wade, technical director on the CTO team at Vectra.
Connecticut Town Drops Drone Program to Combat COVID-19 Spread Over Privacy Concerns
Tim Wade, technical director, CTO Team at Vectra, warns that society must culturally be “extremely careful about the trade-offs we make, as the erosion of privacy is an erosion of both liberty and equality – if we are not deliberate, intentional, and thoughtful in this new world we will find ourselves less safe, less free, less equal.”
Cybersecurity Analyst Interview Questions: 4 Prep Considerations
“Because information security is a constantly evolving, multidisciplinary career, the key traits to look for in analysts are less about point-in-time knowledge during an interview, and more about the capacity to acquire new information and synthesize it into new insights,” said Tim Wade, technical director of the CTO Team at Vectra.
Observing Privilege to Reduce Risk in Software-as-a-Service (SaaS)
Learn why Chris Morales, head of security analytics at Vectra, says that risk in a SaaS environment is largely an identity problem.
Interview With Hitesh Sheth – Vectra AI
Aviva Zacks of Safety Detective sat down with Hitesh Sheth, President and CEO of Vectra AI, to found out how Vectra uses AI to detect cyberthreats.
Microsoft Proposes Privacy Controls for COVID-19 Contact Tracking, Tracing
"What is being proposed here is an API in both Apple and Google OS that would allow an installed app to extract specific information that maps user proximity with others who are using the same installed app via the use of Bluetooth signal," says Chris Morales, head of security analytics at Vectra.
CISA Warns Patched Pulse Secure VPNs Still Vulnerable
One issue is that many organizations still run their VPN servers with only single-factor authentication. Even if patches are in place, attackers can still access networks using stolen, but valid credentials, says Tim Wade, technical director of the CTO team at Vectra.
DHS Working on Cloud-based Root-of-Trust to Secure Agency Email on Mobile Devices
Read why Chris Morales, head of security analytics at Vectra, says that security and experience for the end-use don't always go hand in hand.
Vectra is responsible for Azure and AWS as AI cyber security solutions (in Korean)
Kevin Vanhaelen, head of ANZ for Vectra, talks to CCTV Korea on how Vectra provides a solution to intelligently respond to cyber attacks.
12 Tips for Working From Home
Protecting against software vulnerabilities requires vendor patching and due diligence on the user, says Chris Morales, head of security analytics at Vectra.
Free Cybersecurity Tools Coming Online to Protect WFH Staffers
To help companies now struggling to protect their assets a growing number of cybersecurity firms are offering free tools to protect those working from home.
Two Manitoba, Canada Law Firms Hit by Maze Ransomware
Chris Morales, head of security analytics at Vectra, says, “Ransomware attacks have pivoted to data theft before encrypting information as leverage to get organizations to pay the ransom."
Automated protection for remote connections
Vectra warns that remote workplaces, the relocation of the workforce to the home office and the use of RDP, VPN and VDI increase the attack surface massively.
Coronavirus: Schools, parents ‘not alert about safest video class practices’
The risks are not critical in nature for the most part but there are special concerns given the involvement of children, Chris Morales, Head of Security Analytics at Vectra, says.