CrowdStrike cuts 5% of workforce after revenue jumped 29% last year

CrowdStrike is cutting 5% of its workforce, about 500 positions, telling its staff that it’s shifting resources and realigning its operating model for growth in new market segments, according to a Wednesday filing with the Securities and Exchange Commission.

The company is slashing headcount following a year of significant growth in a strong market. CrowdStrike’s revenue jumped 29% year-over-year to $3.95 billion in fiscal year 2025, which ended Jan. 31. Yet, the company also reported a net loss of $19.3 million in FY25 after reporting net income of $89.3 million the previous year.

CrowdStrike’s growing use of artificial intelligence for internal operations was a factor behind the decision to cut staff in certain roles, according to CEO George Kurtz. “AI flattens our hiring curve, and helps us innovate from idea to product faster,” he said in a letter to employees. “It streamlines go-to-market, improves customer outcomes, and drives efficiencies across both the front and back office. AI is a force multiplier throughout the business.”

The company plans to continue hiring customer-facing and product engineering roles, but layoffs in other areas of the business suggest AI’s ability to automate some tasks and boost productivity has made some roles redundant.

Industry analysts question the extent to which CrowdStrike needed to or chose to point to AI as a factor leading to layoffs.

“We have to be careful that AI isn’t being used as an excuse for some area of the business that is underperforming,” said Neil MacDonald, a vice president and analyst at Gartner. 

“AI tools are used to make a given employee more productive, therefore you don’t need as many people,” MacDonald said. “But if you’re growing, what it means is you don’t have to hire as many [people], but it doesn’t necessarily mean you have to lay people off.”

CrowdStrike is the second-largest provider of endpoint protection, a market segment that drives the bulk of its revenue. Its market share in that segment grew from 20.3% in 2023 to 21.3% in 2024, according to Gartner.

Jeff Pollard, VP and principal analyst at Forrester, said Kurtz’s mention of AI likely came from some AI-related efficiency gains, but noted there’s also an industrywide trend at play. 

“Some amount of AI-washing is now prevalent in every one of these announcements and this is no exception,” he said. “In much the same way that ‘we take privacy and security very seriously’ can be found in every breach disclosure, so too can ‘AI productivity’ in workforce reduction announcements.”

Unfortunately, Pollard said, CrowdStrike’s “obligatory mention of AI” will be widely emulated by other cybersecurity vendors. 

Business leaders across multiple industries say they are looking to use AI to cut their workforce by at least 10% and up to 30%, including customer service, creative and administrative roles, according to Zeus Kerravala, principal analyst at ZK Research. 

“The layoffs are part of a broader set of efficiencies and I’m fully expecting to see more. This was only 5% and I think it’s more indicative of the state of AI rather than the state of cyber,” Kerravala said. 

“The layoffs should be viewed more as the evolution of AI and the changing nature of cyber rather than issues at CrowdStrike,” he added.

Kurtz said the decision to cut staff was predicated and driven by other factors as well. This includes, he said, a push to consolidate more customers on CrowdStrike’s Falcon platform, and multibillion-dollar opportunities in new market segments, such as tools for next generation security information and event management, identity, cloud and exposure management.

The company’s goals beyond its core business in endpoint protection pose an important question in the face of these layoffs, according to MacDonald. 

CrowdStrike is growing, gaining market share in cloud protection and SIEM last year, he said, but the company is still a relatively small player in those areas, and perhaps it’s not growing as quickly as it hoped in newer market segments.

“The cyber industry is changing with platforms starting to take hold over point products,” Kerravala said. “CrowdStrike will likely have to cut heads as they bring in talent around how to build and monetize platforms.”

The layoffs also come nearly 10 months after a faulty CrowdStrike Falcon security software update caused millions of Microsoft Windows systems to malfunction. That mistake caused major issues for businesses worldwide, and company executives have repeatedly said they need to regain the trust of customers.

CrowdStrike expects to incur up to $53 million in charges related to the layoffs, including severance payments, benefits and stock-based compensation.

“I know this is difficult news and it affects all of us. These decisions were made with care and guided by a clear view of where we need to go,” Kurtz said.

“As we evolve, we are laser-focused on transforming cybersecurity,” he said. “We stop breaches. This mission defines our purpose, unites our team and keeps us focused on what matters most: protecting our customers.”

The post CrowdStrike cuts 5% of workforce after revenue jumped 29% last year appeared first on CyberScoop.

from CyberScoop https://ift.tt/ZqsJOF5
via IFTTT

In the works – AWS South America (Chile) Region

Today, Amazon Web Services (AWS) announced plans to launch a new AWS Region in Chile by the end of 2026. The AWS South America (Chile) Region will consist of three Availability Zones at launch, bringing AWS infrastructure and services closer to customers in Chile. This new Region joins the AWS South America (São Paulo) and AWS Mexico (Central) Regions as our third AWS Region in Latin America. Each Availability Zone is separated by a meaningful distance to support applications that need low latency while significantly reducing the risk of a single event impacting availability.

The new AWS Region will bring advanced cloud technologies, including artificial intelligence (AI) and machine learning (ML), closer to customers in Latin America. Through high-bandwidth, low-latency network connections over dedicated, fully redundant fiber, the Region will support applications requiring synchronous replication while giving you the flexibility to run workloads and store data locally to meet data residency requirements.

AWS in Chile
In 2017, AWS established an office in Santiago de Chile to support local customers and partners. Today, there are business development teams, solutions architects, partner managers, professional services consultants, support staff, and personnel in various other roles working in the Santiago office.

As part of our ongoing commitment to Chile, AWS has invested in several infrastructure offerings throughout the country. In 2019, AWS launched an Amazon CloudFront edge location in Chile. This provides a highly secure and programmable content delivery network that accelerates the delivery of data, videos, applications, and APIs to users worldwide with low latency and high transfer speeds.

AWS strengthened its presence in 2021 with two significant additions. First, an AWS Ground Station antenna location in Punta Arenas, offering a fully managed service for satellite communications, data processing, and global satellite operations scaling. Second, AWS Outposts in Chile, bringing fully managed AWS infrastructure and services to virtually any on-premises or edge location for a consistent hybrid experience.

In 2023, AWS further enhanced its infrastructure with two key developments: an AWS Direct Connect location in Chile that lets you create private connectivity between AWS and your data center, office, or colocation environment, and AWS Local Zones in Santiago, placing compute, storage, database, and other select services closer to large population centers and IT hubs. The AWS Local Zone in Santiago helps customers deliver applications requiring single-digit millisecond latency to end users.

The upcoming AWS South America (Chile) Region represents our continued commitment to fueling innovation in Chile. Beyond building infrastructure, AWS plays a crucial role in developing Chile’s digital workforce through comprehensive cloud education initiatives. Through AWS Academy, AWS Educate, and AWS Skill Builder, AWS provides essential cloud computing skills to diverse groups—from students and developers to business professionals and emerging IT leaders. Since 2017, AWS has trained more than two million people across Latin America on cloud skills, including more than 100,000 in Chile.

AWS customers in Chile
AWS customers in Chile have been increasingly moving their applications to AWS and running their technology infrastructure in AWS Regions around the world. With the addition of this new AWS Region, customers will be able to provide even lower latency to end users and use advanced technologies such as generative AI, Internet of Things (IoT), mobile services, banking industry, and more, to drive innovation. This Region will give AWS customers the ability to run their workloads and store their content in Chile.

Here are some examples of customers in Chile using AWS to drive innovation:

The Digital Government Secretariat (SGD) is the Chilean government institution responsible for proposing and coordinating the implementation of the Digital Government Strategy, providing an integrated government approach. SGD coordinates, advises, and provides cross-sector support in the strategic use of digital technologies, data, and public information to improve state administration and service delivery. To fulfill this mission, SGD relies on AWS to operate critical digital platforms including Clave Única (single sign-on), FirmaGob (digital signature), the State Electronic Services Integration Platform (PISEE), DocDigital, SIMPLE, and the Administrative Procedures and Services Catalog (CPAT), among others.

Transbank, Chile’s largest payment solutions ecosystem managing the largest percentage of national transactions, used AWS to significantly reduce time-to-market for new products. Moreover, Transbank implemented multiple AWS-powered solutions, enhancing team productivity and accelerating innovation. These initiatives showcase how financial technology companies can use AWS to drive innovation and operational efficiency. “The new AWS Region in Chile will be very important for us,” said Jorge Rodríguez M., Chief Architecture and Technology Officer (CA&TO) of Transbank. “It will further reduce latency, improve security and expand the possibilities for innovation, allowing us to serve our customers with new and better services and products.”

To learn more about AWS customers in Chile, visit AWS Customer Success Stories.

AWS sustainability efforts in Chile
AWS is committed to water stewardship in Chile through innovative conservation projects. In the Maipo Basin, which provides essential water for the Metropolitan Santiago and Valparaiso regions, AWS has partnered with local farmers and climate-tech company Kilimo to implement water-saving initiatives. The project involves converting 67 hectares of agricultural land from flood to drip irrigation, which will save approximately 200 million liters of water annually.

This water conservation effort supports the AWS commitment to be water positive by 2030 and demonstrates our dedication to environmental sustainability in the communities where AWS operates. The project uses efficient drip irrigation systems that deliver water directly to plant root systems through a specialized pipe network, maximizing water efficiency for agricultural use. To learn more about this initiative, read our blog post AWS expands its water replenishment program to China and Chile—and adds projects in the US and Brazil.

AWS community in Chile
The AWS community in Chile is one of the most active in the region, comprising AWS Community Builders, two AWS User Groups (AWS User Group Chile and AWS Girls Chile), and an AWS Cloud Club. These groups hold monthly events and have organized two AWS Community Days. At the first Community Day, held in 2023, we had the honor of having Jeff Barr as the keynote speaker.

Chile AWS Community Day 2023

Stay tuned
We’ll announce the opening of this and the other Regions in future blog posts, so be sure to stay tuned! To learn more, visit the AWS Region in Chile page.

Eli

Thanks to Leonardo Vilacha for the Chile AWS Community Day 2023 photo.



from AWS News Blog https://ift.tt/P7H05cR
via IFTTT

Top 10 Cloud Security Mitigation Tactics

As businesses continue to migrate operations and data to the cloud, securing cloud environments has become more critical than ever. Cloud security threats are dynamic and complex, making proactive mitigation tactics essential to protect sensitive data, ensure compliance, and maintain business continuity. Below are ten proven tactics organizations should employ to mitigate cyber threats in cloud environments.

1. Implement Strong Identity and Access Management (IAM)

IAM is the first line of defense in cloud security. Use multi-factor authentication (MFA), enforce least privilege principles, and regularly audit user roles and permissions. Centralized IAM helps ensure that only the right individuals have access to the right resources.

2. Encrypt Data at Rest and in Transit

Data should always be encrypted—whether it’s being stored or transmitted. Use strong encryption protocols such as AES-256 and TLS 1.2/1.3. Ensure encryption keys are managed securely, preferably through hardware security modules (HSMs) or a key management service (KMS).

3. Conduct Regular Security Audits and Penetration Testing

Regular audits and penetration tests help identify vulnerabilities before attackers can exploit them. These assessments should include code reviews, infrastructure scans, and configuration checks across all cloud services.

4. Enable Continuous Monitoring and Logging

Monitoring tools should be in place to detect anomalies and potential breaches in real time. Services like AWS CloudTrail, Azure Monitor, or Google Cloud’s Operations Suite offer robust visibility into activities across your cloud infrastructure.

5. Harden Cloud Configurations

Misconfigured cloud resources are one of the most common causes of breaches. Use automated tools like AWS Config, Azure Security Center, or open-source solutions like ScoutSuite to continuously validate and harden your environment against insecure settings.

6. Apply the Principle of Least Privilege (PoLP)

Ensure users and applications have only the access they need. This minimizes the risk of lateral movement in case an account is compromised. Implement granular access controls and isolate critical workloads whenever possible.

7. Regularly Patch and Update Systems

Outdated software and unpatched vulnerabilities are easy targets for attackers. Automate patch management and ensure all components—from VMs to containers and third-party applications—are up to date.

8. Use Firewalls and Network Segmentation

Network security remains vital. Use cloud-native firewalls, security groups, and network access control lists (ACLs) to filter traffic. Segment networks by environment (e.g., dev, test, prod) and by application type to limit the blast radius of potential attacks.

9. Implement a Strong Incident Response Plan

Have a well-documented and tested incident response (IR) plan specific to cloud services. This plan should define roles, communication protocols, and procedures for identifying, containing, and recovering from a breach.

10. Educate and Train Your Workforce

Human error is a persistent risk. Regular training and awareness programs can prevent phishing, social engineering, and accidental misconfigurations. Include cloud security best practices in onboarding and ongoing education.

Conclusion

Cloud security is a shared responsibility between providers and customers. By applying these ten mitigation tactics, organizations can significantly reduce their exposure to threats and maintain a strong cloud security posture. As technology evolves, staying informed and agile is just as important as any tool or policy.

The post Top 10 Cloud Security Mitigation Tactics first appeared on Cybersecurity Insiders.


from Cybersecurity Insiders https://ift.tt/9osPMYC
via IFTTT

Accelerate the transfer of data from an Amazon EBS snapshot to a new EBS volume

Today we are announcing the general availability of Amazon Elastic Block Store (Amazon EBS) Provisioned Rate for Volume Initialization, a feature that accelerates the transfer of data from an EBS snapshot, a highly durable backup of volumes stored in Amazon Simple Storage Service (Amazon S3), to a new EBS volume.

With Amazon EBS Provisioned Rate for Volume Initialization, you can create fully performant EBS volumes within a predictable amount of time. You can use this feature to speed up the initialization of hundreds of concurrent volumes and instances. You can also use this feature when you need to recover from an existing EBS Snapshot and need your EBS volume to be created and initialized as quickly as possible. You can use this feature to quickly create copies of EBS volumes with EBS Snapshots in a different Availability Zone, AWS Region, or AWS account. Provisioned Rate for Volume Initialization for each volume is charged based on the full snapshot size and the specified volume initialization rate.

This new feature expedites the volume initialization process by fetching the data from an EBS Snapshot to an EBS volume at a consistent rate that you specify between 100 MiB/s and 300 MiB/s. This volume initialization rate is the rate at which the snapshot blocks are downloaded from Amazon S3 to the volume.

By specifying the volume initialization rate, you can create a fully performant volume in a predictable time, which improves operational efficiency and gives you visibility into the expected time of completion. If you run utilities like fio or dd to expedite volume initialization for workflows such as application recovery or volume copies for testing and development, this feature removes the operational burden of managing such scripts and brings consistency and predictability to your workflows.

Get started with specifying the volume initialization rate
To get started, you can choose the volume initialization rate when you launch your EC2 instance or create your volume from the snapshot.

1. Create a volume in the EC2 launch wizard
When launching new EC2 instances in the launch wizard of the EC2 console, you can enter a desired Volume initialization rate in the Storage (volumes) section.

You can also set the volume initialization rate when creating and modifying EC2 launch templates.

In the AWS Command Line Interface (AWS CLI), you can add the VolumeInitializationRate parameter to the block device mappings when you call the run-instances command.

aws ec2 run-instances \
    --image-id ami-0abcdef1234567890 \
    --instance-type t2.micro \
    --subnet-id subnet-08fc749671b2d077c \
    --security-group-ids sg-0b0384b66d7d692f9 \
    --key-name MyKeyPair \
    --block-device-mappings file://mapping.json

Contents of mapping.json. This example adds an empty EBS volume with a size of 8 GiB at /dev/sdh.

[
    {
        "DeviceName": "/dev/sdh",
        "Ebs": {
            "VolumeSize": 8,
            "VolumeType": "gp3",
            "VolumeInitializationRate": 300
        }
    }
]

To learn more, visit block device mapping options, which defines the EBS volumes and instance store volumes to attach to the instance at launch.

2. Create a volume from snapshots
When you create a volume from snapshots, you can also choose Create volume in the EC2 console and specify the Volume initialization rate.

Confirm your new volume with the initialization rate.

In the AWS CLI, you can use the VolumeInitializationRate parameter when calling the create-volume command.

aws ec2 create-volume --region us-east-1 --cli-input-json '{
    "AvailabilityZone": "us-east-1a",
    "VolumeType": "gp3",
    "SnapshotId": "snap-07f411eed12ef613a",
    "VolumeInitializationRate": 300
}'

If the command is run successfully, you will receive the result below.

{
    "AvailabilityZone": "us-east-1a",
    "CreateTime": "2025-01-03T21:44:53.000Z",
    "Encrypted": false,
    "Size": 100,
    "SnapshotId": "snap-07f411eed12ef613a",
    "State": "creating",
    "VolumeId": "vol-0ba4ed2a280fab5f9",
    "Iops": 300,
    "Tags": [],
    "VolumeType": "gp2",
    "MultiAttachEnabled": false,
    "VolumeInitializationRate": 300
}

You can also set the volume initialization rate when replacing root volumes of EC2 instances and provisioning EBS volumes using the EBS Container Storage Interface (CSI) driver.

After the volume is created, EBS keeps track of the hydration progress and publishes an Amazon EventBridge notification for EBS to your account when the hydration completes, so that you can be certain when your volume is fully performant.

To learn more, visit Create an Amazon EBS volume and Initialize Amazon EBS volumes in the Amazon EBS User Guide.
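
A pre-flight check for the mapping file and rate used in the steps above, as an added example that is not from the original post: it rejects malformed JSON, checks that VolumeInitializationRate falls in the 100 to 300 MiB/s range stated above, and estimates initialization time for recovery planning. The function names, the sample inputs and the size-divided-by-rate estimate are assumptions, not AWS-documented behaviour.

```python
import json
import math

# Rate range stated in the announcement above, in MiB/s.
MIN_RATE, MAX_RATE = 100, 300

# Constructed sample inputs (not real resources).
GOOD = ('[{"DeviceName": "/dev/sdh", "Ebs": {"VolumeSize": 8, '
        '"VolumeType": "gp3", "VolumeInitializationRate": 300}}]')
BAD_RATE = ('[{"DeviceName": "/dev/sdh", "Ebs": {"VolumeSize": 8, '
            '"VolumeType": "gp3", "VolumeInitializationRate": 500}}]')
# Missing comma after the VolumeSize value.
BROKEN = ('[{"DeviceName": "/dev/sdh", "Ebs": {"VolumeSize": 8 '
          '"VolumeType": "gp3", "VolumeInitializationRate": 300}}]')


def load_mappings(text):
    """Parse a block-device-mappings document, reporting where JSON breaks."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        raise ValueError(
            f"invalid JSON at line {exc.lineno}, column {exc.colno}: {exc.msg}"
        ) from exc
    if not isinstance(doc, list):
        raise ValueError("top level must be a JSON array of mappings")
    return doc


def check_mappings(mappings):
    """Return (device, problem) tuples; an empty list means no findings."""
    findings = []
    for index, mapping in enumerate(mappings):
        if not isinstance(mapping, dict):
            findings.append((f"#{index}", "mapping is not a JSON object"))
            continue
        device = mapping.get("DeviceName", f"#{index}")
        ebs = mapping.get("Ebs")
        # Mappings without an Ebs object, or without a rate, are out of scope.
        if not isinstance(ebs, dict) or "VolumeInitializationRate" not in ebs:
            continue
        rate = ebs["VolumeInitializationRate"]
        # bool is a subclass of int in Python, so exclude it explicitly.
        if isinstance(rate, bool) or not isinstance(rate, int):
            findings.append((device, f"rate must be an integer, got {rate!r}"))
        elif not MIN_RATE <= rate <= MAX_RATE:
            findings.append(
                (device, f"rate {rate} is outside {MIN_RATE}-{MAX_RATE} MiB/s")
            )
    return findings


def estimate_init_seconds(data_gib, rate_mibs):
    """Assumed estimate: data to fetch divided by the rate, rounded up."""
    if not MIN_RATE <= rate_mibs <= MAX_RATE:
        raise ValueError(f"rate {rate_mibs} is outside {MIN_RATE}-{MAX_RATE} MiB/s")
    return math.ceil(data_gib * 1024 / rate_mibs)


if __name__ == "__main__":
    for name, text in (("GOOD", GOOD), ("BAD_RATE", BAD_RATE), ("BROKEN", BROKEN)):
        try:
            print(name, check_mappings(load_mappings(text)))
        except ValueError as err:
            print(name, "rejected:", err)
    print("100 GiB at 300 MiB/s:", estimate_init_seconds(100, 300), "seconds")
```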

Now available
Amazon EBS Provisioned Rate for Volume Initialization is now available and supported for all EBS volume types today. You will be charged based on the full snapshot size and the specified volume initialization rate. To learn more, visit the Amazon EBS Pricing page.

To learn more about Amazon EBS including this feature, take the free digital course on the AWS Skill Builder portal. The course includes use cases, architecture diagrams and demos.

Give this feature a try in the Amazon EC2 console today and send feedback to AWS re:Post for Amazon EBS or through your usual AWS Support contacts.

— Channy



from AWS News Blog https://ift.tt/rbuLpV4
via IFTTT

Strengthening Cybersecurity in the Vulnerable Educational System

School systems may not immediately come to mind as targets for cybersecurity attacks. However, threat actors have increasingly turned their attention to them, recognizing that the extensive digital infrastructure supporting schools contains a wealth of sensitive information that can be stolen or exploited for financial gain.

It was reported earlier this year that hackers stole private data of over 700,000 current and former Chicago Public Schools (CPS) students in a ransomware attack, subsequently posting it on the Dark Web. Exploiting a vulnerability in a technology vendor’s software that CPS was using to share data, hackers accessed a server and compromised information from the district and over 60 other organizations nationwide. The stolen data included students’ names, birth dates, genders, and CPS student ID numbers.

There was also the PowerSchool breach that is currently on track to become one of the biggest breaches of the year. The company stated that hackers used compromised credentials to breach its customer support portal, further allowing access to the company’s school information system, which houses sensitive information such as student records, grades, attendance, and enrollment. 

Teachers, administrators, students, and even parents/guardians urgently need to reduce the likelihood of a cyberattack, no matter the time of year. With the right tools, skills, and awareness, school districts can strengthen their cybersecurity posture and remain well-protected from the evolving threat landscape.

Much like the business sector, the education system has integrated digital infrastructure to support day-to-day activities and administrative duties. Students rely on computers to complete and submit assignments, teachers use them to manage their students’ progress, and administrators depend on them for communication, analytics, and record-keeping. This reliance on technology has resulted in school districts accumulating a massive reserve of personal and sensitive information, including phone numbers, email addresses, social security numbers, and even medical records and credit card information—all of which can be exploited by threat actors.

Many high-ranking members within the education system fail to realize what a treasure trove the data within their systems could turn out to be to a cybercriminal. As a result, many school districts lack the necessary cybersecurity infrastructure, training programs, and general awareness to stay protected against attacks. This vulnerability has led threat actors to target schools, hoping to exploit under-protected systems and easily hijack valuable data.

School districts with inadequate cybersecurity measures and training programs are much more vulnerable to sophisticated network attacks or software exploits. However, the lack of cyber defense training among both students and staff poses an even greater risk for successful social engineering or phishing exploits. As a result, attacks are easier to execute, allowing threat actors to hijack private credentials or attach viruses, malware, or ransomware to seemingly innocent communications.

While summer vacation is approaching and the semester will be coming to a close soon, it is imperative that school districts integrate a new wave of cybersecurity operations into their systems to avoid these issues as they could arise at any time. Simultaneously, threat actors are likely to target school infrastructure and unsuspecting users in hopes of an easy payday. With this in mind, schools should take proactive steps to safeguard against cyber threats, both through robust cybersecurity infrastructure and comprehensive, ongoing school-wide training.

First, school districts must implement fundamental cybersecurity measures as a baseline level of protection. This includes next-gen, AI-powered email security solutions, advanced threat detection and response, endpoint security, patch management, as well as strong passwords backed with multi-factor authentication (MFA). Phishing-resistant MFA is also highly useful for all official school accounts.

Secondly, school districts must ensure that all private and sensitive information is securely backed up with immutable storage. In the event of a breach or a ransomware attack, or if systems become compromised, districts can be reassured that stored data isn’t lost. Properly storing data also prevents threat actors from extorting school districts, as they have access to backed-up data even if the original versions are rendered inaccessible.

Lastly, it is critical to foster a student body and administration that is knowledgeable about cybersecurity best practices. Through regular training and thorough awareness programs, school districts can create a “human firewall” that significantly reduces the likelihood of a successful attack.

To build an effective human firewall, school districts can adopt the ‘mindset-skillset-toolset’ triad:

  • Mindset – Raise awareness among students and staff about growing cyber threats
  • Skillset – Combine awareness training with simulations for workers and students
  • Toolset – Incorporate tools that support secure behavior by employees and students

This approach should be applied holistically, but it’s important to note that specific demographics require tailored approaches to training. Key differences to consider include:

  • Students, teachers, and administrators use devices and accounts for specific purposes, with some handling more sensitive information than others.
  • Faculty and administrators, who regularly use school devices, likely have the most up-to-date software and protection from private Wi-Fi and Ethernet connections. However, their contact information is often publicly available on school websites, making them particularly high-risk targets.
  • Parents and guardians are less likely to use school devices but should be educated about cyber risks to help their children understand potential dangers and serve as a resource if suspicious activity occurs. 
  • School districts need to implement age-appropriate training that teachers and parents/guardians can ensure is closely followed both in class and at home, with the sophistication of training gradually increasing for older age groups.

School systems may be at a higher risk of cyber attacks than ever before, but they are not powerless to prevent threat actors from disrupting their activities. By implementing robust security infrastructure, fostering awareness, and providing regular training, school systems can ensure that their students and staff are prepared to mitigate any potential cyber threats at any point throughout the school year.

__

Daniel Blank, COO at Hornetsecurity

Daniel Blank has over 15 years of experience selling complex IT products, and 13 years of various managerial positions in the cloud security environment. Daniel joined Hornetsecurity in 2010 as Key Account Manager, quickly becoming Director of Sales, and finally assuming the role of COO in 2014. Today, Daniel is responsible for Sales, Presales/ Education, and Human Resources at Hornetsecurity.

 

The post Strengthening Cybersecurity in the Vulnerable Educational System first appeared on Cybersecurity Insiders.


from Cybersecurity Insiders https://ift.tt/OSWeotc
via IFTTT

Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks

Microsoft has warned that using pre-made templates, such as out-of-the-box Helm charts, during Kubernetes deployments could open the door to misconfigurations and leak valuable data.
“While these ‘plug-and-play’ options greatly simplify the setup process, they often prioritize ease of use over security,” Michael Katchinskiy and Yossi Weizman from the Microsoft Defender for Cloud Research team

from The Hacker News https://ift.tt/7TAUZXa
via IFTTT

Entra ID Data Protection: Essential or Overkill?

Microsoft Entra ID (formerly Azure Active Directory) is the backbone of modern identity management, enabling secure access to the applications, data, and services your business relies on. As hybrid work and cloud adoption accelerate, Entra ID plays an even more central role — managing authentication, enforcing policy, and connecting users across distributed environments.
That prominence also

from The Hacker News https://ift.tt/2jpOCA7
via IFTTT

Stealth Tunnels: The Dawn of Undetectable Remote Access

In today’s world, more employees work from home, coffee shops, or satellite offices than ever before. While remote access tools like VPNs have kept us connected, they’re increasingly easy for network gatekeepers to spot—and sometimes block or slow down. Enter stealth tunnels: an innovative way to disguise secure connections so they glide past firewalls and inspection tools unnoticed. In this article, we’ll explain what makes stealth tunnels different, why they matter, and how businesses can use them to keep their remote workers safe, productive, and uninterrupted.

In this deep dive, we’ll explore how stealth tunnels work, why they outperform legacy Virtual Private Networks (VPNs), and how enterprises can deploy them securely at scale.

Why Traditional VPNs Aren’t Enough

Imagine you’re trying to drive into a city through one of its main gates. A standard VPN is like a marked delivery truck: the guards know exactly what it is and can choose to let it through, inspect it, or stop it altogether. That’s because traditional VPNs use well-known ports and protocols—digital “signatures” that deep-packet inspection (DPI) tools and firewalls easily recognize.

When a business firewall sees VPN traffic, it can slow it down or block it outright, interrupting video conferences, halting large file transfers, or preventing access to critical systems. For employees in high-security environments—financial traders, healthcare technicians, or field engineers—these interruptions mean lost time, missed opportunities, and mounting frustration.
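What those “signatures” look like in practice, as an added example that is not part of the original article: a minimal Python classifier that labels a flow from its first payload bytes, using the OpenVPN opcode byte, the WireGuard fixed message layout and the TLS record header. The payloads and function names are constructed for illustration; production DPI engines match many more fields than this.

```python
import struct

# First-byte opcodes (top 5 bits) that open an OpenVPN session.
OPENVPN_RESET_OPCODES = {7, 8}  # hard reset client v2 / server v2
# WireGuard handshake and cookie messages have fixed sizes per type.
WIREGUARD_FIXED_LEN = {1: 148, 2: 92, 3: 64}


def classify(proto, dst_port, payload):
    """Label a flow's first payload the way a signature-based DPI rule would."""
    if proto == "udp":
        # WireGuard: 1-byte type, 3 reserved zero bytes, fixed total length.
        if (len(payload) >= 4 and payload[1:4] == b"\x00\x00\x00"
                and WIREGUARD_FIXED_LEN.get(payload[0]) == len(payload)):
            return "wireguard"
        # OpenVPN/UDP: opcode in the top 5 bits, then an 8-byte session id.
        if len(payload) >= 9 and (payload[0] >> 3) in OPENVPN_RESET_OPCODES:
            return "openvpn"
        if dst_port == 1194:
            return "openvpn-port-only"  # well-known port, no content match
    if proto == "tcp" and len(payload) >= 6:
        ctype, major, minor, _length = struct.unpack("!BBBH", payload[:5])
        # TLS record: handshake (0x16), version 3.x, first message ClientHello.
        if ctype == 0x16 and major == 3 and minor <= 4 and payload[5] == 0x01:
            return "tls-client-hello"
    return "unknown"


# Constructed sample payloads (not captured traffic).
OPENVPN_RESET = b"\x38" + b"\x11" * 8 + b"\x00" + b"\x00" * 4
SAMPLES = {
    "openvpn on 1194": ("udp", 1194, OPENVPN_RESET),
    "openvpn on another port": ("udp", 443, OPENVPN_RESET),
    "wireguard initiation": ("udp", 51820, b"\x01\x00\x00\x00" + b"\xaa" * 144),
    "https client hello": ("tcp", 443,
                           b"\x16\x03\x01\x00\x2f\x01\x00\x00\x2b" + b"\x00" * 43),
    "opaque udp on 1194": ("udp", 1194, b"\xf3\x9c\x02\x7e" * 8),
}


def classify_samples():
    return {name: classify(*flow) for name, flow in SAMPLES.items()}


if __name__ == "__main__":
    for name, label in classify_samples().items():
        print(f"{name:26} -> {label}")
```

The second sample shows that the content match is independent of the port, and the last shows the weaker port-only match a firewall falls back on when the payload gives nothing away.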

Stealth vs. Legacy VPN: A Feature Comparison

What Makes a Tunnel “Stealth”

Stealth tunnels wrap VPN traffic inside a form that looks, to the network’s gatekeepers, like harmless web browsing or random data. Think of it as putting our delivery truck inside an unmarked van that looks like any other car on the road. 

The key techniques include:

HTTPS Wrapping: The VPN connection is hidden inside a standard web-secure (HTTPS) session. Since almost all websites use HTTPS these days, this traffic simply blends in with normal browsing.

Port Hopping & Padding: Instead of listening on one fixed port, the tunnel randomly changes its port every few minutes. Network tools can’t easily predict which port to watch. Adding a bit of “padding”—small dummy data packets—further disguises the true nature of the traffic.

Handshake Obfuscation: Most VPNs follow a predictable “handshake” when connecting. Stealth tunnels randomize the timing and structure of this handshake so it doesn’t match known VPN patterns.

Combined, these methods make the encrypted tunnel look like any other benign data flow, effectively slipping past DPI and firewall scrutiny.

Benefits of Stealth Tunnels

Uninterrupted Productivity

Because network tools can’t identify stealth tunnels, remote workers enjoy smoother video calls, faster file transfers, and reliable access to enterprise applications—no matter where they connect from.

Better Security

Stealth tunnels still use strong encryption under the hood. Even if someone tried to intercept the data, they’d see only scrambled bits inside a standard web stream.

Resilience Against Censorship & Throttling

In regions where VPNs are blocked or heavily slowed down, stealth tunnels can maintain connectivity by masquerading as regular web traffic. This is critical for global teams working in restrictive environments.

An Example:

1. Traditional VPN: You launch your VPN client, which opens a connection on UDP port 1194. The café’s network equipment spots this, slows it down by 80%, and you struggle through a choppy video call.

2. Stealth Tunnel: You toggle “Stealth Mode” in your remote-access app. Your traffic is wrapped inside HTTPS on port 443, then jumps ports and adds padding. The café’s equipment treats it like normal web traffic—your call remains crystal clear.

How Businesses Can Deploy Stealth Tunnels

1. Choose a Stealth-Ready Solution

Look for remote-access platforms that offer an easy “stealth mode” switch. This often relies on the widely supported WireGuard or OpenVPN technologies under the hood, enhanced with obfuscation modules.

2. Set Up Stealth Gateways

Deploy one or more servers—called stealth gateways—in locations your users can reach, such as cloud regions or branch offices. These gateways unwrap the disguised traffic and forward it to your corporate network.

3. Roll Out Stealth Clients

Install or update the client apps on user devices (laptops, tablets, phones). A single toggle in the app enables all obfuscation features—no manual port configuration or scripting required.

4. Monitor and Rotate

Regularly update handshake parameters, encryption keys, and port ranges. A central management console can automate this, ensuring the tunnels remain undiscoverable over time.

Looking Ahead

As DPI and network monitoring tools become more powerful, stealth tunnels will continue to evolve. Future enhancements may include machine-learning to adapt obfuscation on the fly, quantum-safe encryption for extra peace of mind, and deeper integration with software-defined networks. Businesses that adopt stealth-capable remote access today will gain a crucial edge—keeping their distributed workforces connected, productive, and secure, no matter where they roam.

___

 

About the Author

Vikram Gupta is the Founder and CEO of Fibmesh, a trailblazer in software-defined mesh networks and secure remote-access solutions. With experience in network engineering and a passion for democratizing connectivity, he leads the development of next-generation systems that empower organizations to build their own secure, adaptive infrastructures.

The post Stealth Tunnels: The Dawn of Undetectable Remote Access first appeared on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/1s6AJ4f
via IFTTT