RSS_Virtulization

What is the Cactus ransomware? Cactus is a ransomware-as-a-service (RaaS) group that encrypts victim’s data and demands a ransom for a decryption key. Hundreds of organisations have found themselves the victim of Cactus since it was first discovered in March 2023, with their stolen data published on the dark web as an “incentive” to give in to the extortionists’ demands. So far, so sadly normal. What makes Cactus different? Cactus made a name for itself…

Essential to global prosperity yet subject to economic and geopolitical forces, companies across the entire energy value chain are under pressure to operate at high levels of safety, efficiency, and uptime. It’s the same story across all industries. According to a recent survey by Foundry, nearly all respondents (97%) reported that their organization is impacted by “digital friction,” defined as the unnecessary effort an employee must exert to use data or technology for work. Top…

Nonprofit organizations have seen a sharp rise in cyber-attacks, with email-based threats increasing by 35.2% over the past year. These attacks target donor data, financial transactions and internal communications. According to a new report by Abnormal Security, nonprofits have become prime targets due to their limited cybersecurity resources, high-trust environments and frequent financial transactions. Attackers exploit these vulnerabilities to deploy business email compromise (BEC) and vendor email compromise (VEC) schemes, tricking employees into redirecting funds…

Google has launched two new AI-powered tools to detect conversational scams on Android devices. These new features, Scam Detection for messages and calls, respectively, were introduced in a Google blog post published on March 4. Google said they build on traditional spam protection designed to strengthen defenses against job and delivery scams, which Google will still roll out to users. However, Google claimed that these new tools will go further, with the ability to detect…

Tripwire’s February 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. Up first on the list are patches for Microsoft Edge (Chromium-based) that resolve 4 remote code execution and 2 spoofing vulnerabilities. Next on the list are patches for Microsoft Office and Excel. These patches resolve 8 issues such as remote code execution and information disclosure vulnerabilities. Next are patches that affect components of the core Windows operating system. These patches resolve over…

The vast majority of global IT professionals have experienced work-related stress or burnout, according to a new ISACA survey. The biggest drivers of this issue are heavy workload (54%), long hours (43%), tight deadlines (41%), lack of resources (41%), unsupportive management (41%) and lack of appreciation (38%). Technical knowledge and skills were highlighted by respondents as the top challenges when pursuing an IT career. The top three challenges were: The need for more technical knowledge…

En 2024, BBVA fue una de las grandes compañías españolas que optó por contratar a la tecnológica OpenAI la distribución de licencias de la versión para empresas de ChatGPT entre sus empleados. A día de hoy, como contaba esta semana en el MWC de Barcelona Álvaro Martín, responsable del área de datos para Empresas y Sostenibilidad en BBVA, en la compañía utilizan una de estas licencias más de 3.300 personas –de los 126.000 empleados que…

More than half of global organizations have suffered an operational technology (OT) incident over the past 12 months, according to the SANS Institute. The training and certifications company polled over 180 professionals in energy, IT, government and other critical infrastructure sectors to better understand their OT exposure. The resulting report, 2025 ICS/OT Cybersecurity Budget: Spending Trends, Challenges, and the Future, revealed that most suffered an incident leading to data loss, unauthorized access, operational disruption or other…

Organizations have been urged not to fall for what appears to be a ransomware scam using physical letters. GuidePoint Security claimed in a blog post yesterday that it had received reports of executives in multiple organizations being sent a suspicious letter purporting to come from the BianLian ransomware group. In it, the sender claims to have compromised the recipient’s corporate network and stolen sensitive data. “Mimicking the threats of a ‘true’ ransomware ransom note, the…