Is your data safe in AWS? Recent research may change your mind
According to Redlock, cryptojacking, account compromises, and a lack of high-severity patching are all making the outlook on using AWS potentially one of higher risk. Too many companies seem to be forgetting that security must extend to the cloud to guarantee that their data will be safe. This means moving the focus of many security […]
Read MoreDevOps DevOps DevOps…DevOps Security?
DevOps has been the hot new job market over the last few years – and rightly so. If implemented, it can reduce time to market, cost of implementation, and make an entire organization more Agile (see what we did there?). This is all well and good, but what about security? Containers open a host of […]
Read MoreGDPR will affect companies all over the world – not just in the EU
Some industry leaders in APAC weigh in on how GDPR will change their businesses at the link below. This new regulation is not something most companies are ready for just yet, but there should at least be movement in the right direction already. Industry Experts Weigh in on how GDPR will Impact Singapore and Asia
Read MoreBuzzwords aside, “Cloud” is not a one-size-fits-all strategy
Most organizations looking to make the move into a cloud environment will find that some of their applications and services will not migrate easily – or at all. With this in mind, White Raven rarely will suggest that a customer standardize on a single cloud provider, or to ignore the benefits of self-hosted solutions altogether. […]
Read MoreIntel gets hit with another vulnerability
For many of us, Intel has long been the “go-to” in processors, but these last few months have shown a few opening in the tech giant’s armor. This latest looks to be a minor issue, but businesses should remain aware – this could cause have some serious implications in environments where it is enabled. https://www.computerworld.com/article/3193830/security/vulnerability-hits-intel-enterprise-pcs-going-back-10-years.html […]
Read MoreIf you are still counting on PGP for protection, it may be time to stop
Looks like a pretty simple attack could render it completely useless, are you willing to play the odds? https://motherboard.vice.com/en_us/article/3k4nd9/pgp-gpg-efail-vulnerability
Read MoreThe biggest vulnerability companies have to compliance is their userbase
According to Clearswift, 45% of employees have accidentally shared key information in emails to unintended recipients. If this a concern to you, there is likely a need to upgrade your email scanning appliance/software: GDPR Downfall: 45% of employees have accidentally shared key information in emails to unintended recipients
Read MoreUnix servers running Exim are vulnerable to code execution – estimates say 400,000 servers must be patched
If you are running Unix in your environment, there is a fair chance that this vulnerability could affect you. Please patch for this one as soon as possible. Read more here: https://arstechnica.com/information-technology/2018/03/code-execution-flaw-in-exim-imperils-400k-machines-have-you-patched/
Read MoreCan your company survive in a world where 1Tbps DDoS attacks are becoming more common?
It is now becoming something we see – 1Tbps DDoS attacks – there have been two in the past week. It is almost unimaginable that an enterprise of any size could stand up to this on their own, but with the right toolsets and assistance, it is possible. Interestingly, these attacks are taking a new […]
Read MoreDo you think hardware segmentation is the answer? Think again.
For years, there has been a debate in the infrastructure world – is hardware segmentation the most effective method to protect from attacks, or does it have little effect, and can multi-tenant environments be just as effective? We at White Raven believe that they key is in trusts, not the hardware itself, and it would […]
Read More