October is National Cyber Security Awareness Month, and EDGE360 editors are keeping an eye on news that value-added resellers (VARs) can share with their customers to keep them abreast of the latest developments in the sector. Below we share highlights from an article from Cisco about how DevSecOps bridges DevOps with infosec. We also share news about a new virus that turns computers into “zombies” and cyber security tips for small businesses, among other cyber stories.
DevSecOps: Recreating Cybersecurity Culture
The relatively new practice of DevSecOps — bridging DevOps workflows with information security (infosec) operations — is defining new approaches and shared responsibilities. DevSecOPs is also driving evolving cultural norms within formerly disparate security and technology teams, Cisco’s Steve Martino, Senior Vice President, Chief Information Security Officer, wrote in an article for DarkReading. Martino went on to write, “As companies offer customers digital experiences where products and services are increasingly powered by mobile, cloud, and data analytics capabilities, developers, in turn, are moving to development processes that meet the need for greater agility and scale. To keep pace, chief information security officers now need to work with developers much earlier in the production cycle. It’s an issue that requires both technology and culture change but is well worth the effort.”
Read Martino’s article here.
Microsoft, Cisco Talos Discover Malware Campaign That Turns PCs Into ‘Zombie Proxies’
A newly discovered strain of malware transforms PCs into “zombie proxies” using otherwise legitimate programs, and it has infected thousands of computers across the United States and Europe. Microsoft and Cisco’s Talos researchers both recently released reports that outlined this cyber threat, which the companies call Nodersok and Divergent, respectively. These malware campaigns have the same purpose regardless of the name: To get users to download and run an HTML application (HTA) most likely distributed through malicious ads. This triggers an elaborate hacking process that leaves few traces because it leverages existing programs or downloads legitimate tools.
Read the story here.
Cybersecurity Awareness Month: Time to Tackle The ‘CyberCreepers’
In addition to National Cyber Security Awareness Month (NCSAM), October is also National Domestic Violence Awareness Month (NVDAM), and there is an overlap between the two that is important. Aggressors committing domestic violence acts have a new set of cyber tools at their disposal, and they are using them. Shining the spotlight on the overlap between cyber and domestic abuse is a chance to highlight the new tools and behaviors available to aggressors and what they can do to their victims. Cyberstalking and Doxing are being used in harmful ways and it’s important to be aware of these practices.
Read the story here.
Keep Your Small Business Safe from Hackers Using These Cybersecurity Tips
Small businesses often fall into the trap of lax security, both online and in person. However, it’s essential for small business owners to consider how they can navigate the world of digital security risks and dangers. Many small business owners think they’re safe from hackers. The reality is that the ordinarily lax data security policies of small businesses make them low-hanging fruit for skilled hackers. Even if you follow basic practices – such as making sure that everyone changes their passwords regularly – there are a few other things that you can do to protect your business.
Read the article here.