Zero Trust | Breaking Cybersecurity News | The Hacker News

Many moons ago, when the World Wide Web was young and the nerd in me was strong, I remember building a PC and setting it up as a web server. In those exciting, pioneering days, it was quite something to be able to have my very own IP address on the internet and serve my own web pages directly from my Apache server to the world. Great fun. I also remember looking at the server logs in horror as I scrolled through pages upon pages of failed login, and presumably hacking, attempts. I'd buttoned things up pretty nicely from a security standpoint, but even so, it would only have taken a vulnerability in an unpatched piece of software for a breach to occur, and from there, all bets would have been off. Even today, many internet service providers will let you provision your own server, should you feel brave enough. Of course, the stakes were not high for me at home, but knowing what we know now about the growth of ransomware attacks and how AI is facilitating them, no organization would da...

Businesses are firmly in attackers' crosshairs. Financially motivated cybercriminals conduct ransomware attacks with record-breaking ransoms being paid by companies seeking to avoid business interruption. Others, including nation-state hackers, infiltrate companies to steal intellectual property and trade secrets to gain commercial advantage over competitors. Further, we regularly see critical infrastructure being targeted by nation-state cyberattacks designed to act as sleeper cells that can be activated in times of heightened tension. Companies are on the back foot. Leaders must be confident in their cyber posture: Are defenses up to the job of keeping attacks at bay? Does the leadership team have a complete understanding of the threats and risks the company faces? How can CEOs seize the initiative to get ahead of threats? Adoption of zero trust architectures to improve cyber defense Businesses that don't embrace true zero trust will find themselves increasingly vulnerable to br...

It's been reported that a new, generative AI worm dubbed "Morris II" has emerged. And for many, this new, generative AI worm is an understandable reason to panic.  Pushing back against hysteria, however, we discover that Morris II only targets AI apps and AI-enabled email assistants. No attack is a good one, but at least this one's very specific. More importantly, the recognition that just as AI is helping to accelerate and automate attacks, it will also drastically improve security efficacy.  While AI threatens to overwhelm reactive security teams with the pace and sophistication of its onslaught, it can likewise enable proactive prevention through predictive processes and controls. This is critical to giving security teams the chance to withstand the barrage that awaits them. Scaling alongside AI-enabled attacks There are two proactive efforts that scale well when accelerated attacks become the norm. Neither of these efforts need to be AI-powered to be effective against...

Cybercriminals don't just hack systems—they hack people. They've figured out that humans are wired to trust, empathize, and help, and they're using that against us in ingenious ways. Take this jaw-dropper: In 2024, a company lost over $25 million because an employee fell for a deepfake during a video call. Yep, a fake video of "trusted colleagues" tricked someone into handing over the keys to the kingdom—all kicked off by a phishing email. Ouch. If we want to stay one step ahead, we need to understand the psychology behind these attacks. Let's break it down—the human vulnerabilities, the identity and access management (IAM) fixes, and how to make tech work with (not against) our brains. Why Humans Are the Weakest Link Here's the deal: Humans evolved to trust and empathize. It's why we have friends, families, and functional societies. Mirror neurons in our brains make us feel what others feel, which is awesome for bonding… but terrible when a scammer shows up. Cybercrimi...

Most IT security professionals would agree that the key ingredient for safeguarding networks is "reducing the attack surface." Fewer avenues for breaches mean reduced risk and fewer incidents for an enterprise: Hackers can't attack what they can't see. Reducing attack surface is the key to securing your network, applications, and—most importantly—your data. Calling all servers . . . The "attack surface" comprises the sum of all exposed points through various vectors that an attacker could target to compromise a computing device or network. You can group the attack vectors into three main categories: the channel (a listening TCP/UDP port), assets (which include applications, services, webpages, files, executables, etc.), and access (user credentials). Below is a breakdown of the various attack vector options available to attackers. The channel —typically an exposed-to-the-internet communications protocol like TCP or UDP—allows all entities on the internet to communicate with each ot...

In every industry, Active Directory (AD) and Entra ID are the de facto standard identity directories . While cloud environments are becoming more prevalent, many industries' governing bodies require sensitive and private data and the applications utilized by them to remain on the premises. The hybrid combination of AD and Entra ID creates a complex web of identities in domains and forests that are often managed from separate consoles, creating a costly and risky administrative challenge. The complexity of hybrid environments often results in vulnerabilities that can put businesses at risk. These vulnerabilities take the form of privilege sprawl as a result of mergers, acquisitions, mobility within a company, and the resulting creation or addition of new identity accounts. Each individual identity account requires specific rights to access corporate resources. How those rights are allocated and protected is critical to an organization's security and productivity. Any gaps create s...

Coined in 2010 by Forrester Research , the term "zero trust" has long been hijacked by security vendors eager to take advantage of the hype that surrounds the concept. Today, it's so overused and misused that many see it as a meaningless buzzword—but that's far from the truth. In fact, its widespread misappropriation demonstrates the power of zero trust security. Why else would countless vendors try to capitalize on it? As they say, imitation is the sincerest form of flattery. Zero trust is not a mere label. Rather, zero trust is an architecture—though you'll also hear of a zero trust methodology, framework, paradigm, and infrastructure—and it's based on the idea of zero implicit trust, meaning no one should be trusted by default. The key zero trust principle of least-privileged access says a user should be given access only to a specific IT resource the user is authorized to access, at the moment that user needs it, and nothing more. Hence the zero trust maxim,...

As data breaches and cyber threats become the norm rather than the exception, the imperative to fortify cybersecurity measures has become critical. Microsoft 365, the leading enterprise productivity platform, is at the heart of many organizations' daily operations — and therefore is a prime target for cyber-attackers. Ransomware remains one of the most aggressive cyber threats to organizations. A reported 76% of businesses have experienced at least one attack within the last year , the results of which yielded disrupted operations, substantial financial losses, and reputational damage. For SaaS platforms like Microsoft 365, the threat is even more pronounced due to the vast amounts of sensitive data processed and stored daily.  Below, we will investigate the cybersecurity landscape surrounding Microsoft 365. As we do so, we will examine the prevalence of ransomware threats and identify many commonly implemented and robust strategies that are proven to enhance cyber resilience an...

As I usually say: 'attackers are lazy'. In other words, they always follow the path of least resistance. As defenders catch up with their tactics, techniques, and procedures, the asymmetric gap between offensive and defensive capability shrinks, pushing attackers to shift their battlefield strategy, perpetuating a game that repeats over and over again. Take, for example, endpoint protection. For the last few years, endpoint protection, detection, and response have been the centerpiece of security strategies. As modern endpoint security products get better at anticipating threats based on AI-based engines, providing richer visibility and more contextual detection capabilities, attackers are pivoting away from them, looking for 'blind spots' in your architecture, leveraging vulnerabilities and misconfigurations in network devices, supply chains, and even firmware embedded deep within devices, areas where security visibility is limited. This trend is particularly significant due to the ...

Throughout history, societies have protected their most valuable assets by building walls, fortresses, and moats. Whether it was a medieval castle or an ancient city-state, security meant keeping threats on the outside and creating barriers around the things that mattered most.  We took these principles with us as we moved into the digital age, designing network security with firewalls, access controls, and gated perimeters to protect digital assets. Firewalls and network devices became our virtual walls, defining trusted and untrusted zones, and keeping the "bad actors" at the gate. For years, this perimeter-based approach was the primary line of defense in the world of cybersecurity, establishing a digital fortress around systems and data. But just as history has shown us that walls and borders can be breached, so too has modern cybersecurity taught us that no perimeter is foolproof. As organizations increasingly connect their IT systems to the wider internet and integrate the...