by Anthony Musk
If a week is a long time in politics, a month can sometimes feel like a lifetime in cybersecurity. Few of us working in cyber at the start of December could have predicted how the run up to Christmas would pan out. In the end, Log4Shelland the subsequent vulnerabilities found in Log4j made it several weeks of sleepless nights and anxious Zoom calls. The truth is that the logging utility is so ubiquitous, related threats will be with us for months or even years to come.
But that’s not the end of the story. Unfortunately for security professionals, their employers and customers, there’s a much wider concern. Trend Micro has been one of several authoritative voices warning of the impact of open source bugs on the security of the digital world. Unless we take action soon, Log4Shell could be the start of an extremely unwelcome trend: a cyber-pandemic fuelled by open source exploits.
by Simon Walsh
Over the weekend, security teams across the globe have been racing against the clock to mitigate a newly discovered vulnerability. The bug is found in popular Apache logging system Log4j, and has been dubbed “Log4Shell”. It’s already being exploited in the wild.
Here we explain how attacks work and what your organisation should do.
by Reeza Meer
Like their counterparts in many sectors, financial services organisations made huge strides during the pandemic to adapt to a radically changing business environment. This required the roll-out of innovative new digital services to support rapidly evolving customer behaviour. Over a third of consumers claim to have increased their online banking during the crisis, for example. And it demanded the large-scale roll-out of online collaboration capabilities and hardware to support mass remote working for staff. Behind it all was cloud transformation.
Yet on the other side, these changes opened the door to new risks. Banking was second only to the government sector in terms of most popular targets for ransomware last year. In-house skills shortages and cloud complexity threaten to create multiple gaps for threat actors to exploit.
by Ritesh Pau
They say “good things come to those who wait”. That’s certainly my experience with Trend Micro. The journey actually started over a year-and-a-half ago following a conversation with Channel Director, James Munroe. Unfortunately, the right role didn’t exist back then.
But 18 months—and a brief stint at HPE—later, Trend Micro kick-started the discussions again and I was delighted to become part of the team as an MSP manager.