Editor’s note: There is a lot going on in the world of IT, from emerging technologies to digital transformation and new cybersecurity threats. However, we can’t possibly cover it all, so we’ll bring you This Week in IT, a curated summary of IT and enterprise technology stories each week.
BlackByte ransomware group disables security products
Cybersecurity firm Sophos has released a new report that details how threat actors behind the BlackByte ransomware gang uses a sophisticated technique to bypass security products by abusing a known vulnerability in the legitimate vulnerable driver RTCore64.sys. This includes disabling over 1,000 drivers on which security products rely to provide protection.
The technique is growing in popularity, with at least two other known reports of threat actors using vulnerable drivers to kill antivirus and other software to bypass security products and deploy ransomware.
Read Sophos’ blog for more information.
Google to provide U.S. Army with Workspace
Google announced a new partnership with the U.S. Army that will see the company’s Public Sector division provide up to 250,000 personnel with the Google Workspace suite of productivity and collaboration solutions. This comes after the launch of Google Public Sector in June, which is focused on helping U.S. public sector entities in federal, state and local governments accelerate their digital transformations.
Read more about Google’s partnership with the U.S. Army and Google Public Sector here.
Infrastructure automation growth on the horizon
Gartner analysts predict that 85% of infrastructure and operations leaders currently without any full automation expect to become more automated within the next three years, and 70% of organizations will implement structured automation to deliver flexibility and efficiency by 2025.
The research and analysis firm’s survey found that automation is most used in application deployment, workload automation and end-user device deployment. However, just 22% are automating patching and vulnerability remediation despite 70% of those who are automating those functions find it impactful for the business.
Read more about Gartner’s survey of infrastructure and operations automation here.
These are the vulnerabilities Chinese hackers are exploiting
If your organization is at risk for targeted cyberattacks from Chinese-backed entities, you should review the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) list of top vulnerabilities being actively exploited by China state-sponsored hacking groups. The list of 20 vulnerabilities includes just bugs published from 2019 and on, and feature some of the most well-known bugs in recent memory.
The list includes the Log4j bug discovered at the end of last year, along with vulnerabilities from popular vendors such as Microsoft, Atlassian, VMware, Cisco and more.
Read CISA’s advisory for more information.
Google Cloud, HCLTech expand partnership to accelerate digital transformations
HCLTech and Google Cloud are expanding their partnership to scale HCLTech’s capacity to support digital transformation and deliver migration, system modernization and professional services for enterprise customers. The expanded relationship includes two new offerings: the new Google Cloud Global Migration and Modernization Factory ad the HCLTech Cloud Acceleration Team that both aim to help customers gain value from their cloud investments sooner.
Learn more about the Google Cloud, HCLTech partnership here.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply