Open source software vulnerabilities found in 86% of codebases

Black Duck has released its annual Open Source Security and Risk Analysis (OSSRA) report, analyzing 1,658 examinations of 965 commercial codebases within 16 industries. According to the findings, 86% of codebases had open source software vulnerabilities while 81% had high- or critical-risk vulnerabilities. Furthermore, the average application in 2024 had triple the number of open source files of the average application in 2020: 5,300 in 2020 and more than 16,000 in 2024. Below, Mike…

Chinese-Backed Silver Fox Plants Backdoors in Healthcare Networks

Cyber threat actors are no longer just targeting hospitals with ransomware; they’re now infiltrating the very software that patients use to manage their care, installing backdoors that put sensitive medical information at risk. In a new report, researchers at Forescout’s Vedere Labs have found that Silver Fox, a recently identified Chinese-backed hacking group, was exploiting patient medical imaging software to deploy a backdoor, a keylogger and a crypto miner on victim computers. The targeted software…

Only a Fifth of Ransomware Attacks Now Encrypt Data

Ransomware actors are largely eschewing encryption, with at least 80% of attacks last year focusing solely on exfiltrating data, as it is quicker and easier, according to ReliaQuest. The threat intelligence vendor claimed in its Annual Cyber-Threat Report that exfiltration-only ransomware attacks are 34% faster. After initial access, “breakout time” typically takes just 48 minutes, although some groups manage to achieve lateral movement in as little as 27 minutes, giving network defenders little time to…

The Government of Navarra's digital transformation plan: from data management to training

As part of its digital transformation plan, the Government of Navarra was looking for a comprehensive solution to manage its data efficiently and securely. Working with Telefónica Tech, the regional government implemented IBM Cloud Pak for Data, creating a data hub that centralizes data sources, simplifies access to them and guarantees their governance. This platform, the telco explains in its role as integrator, enables the development of applications…

Chinese Botnet Bypasses MFA in Microsoft 365 Attacks

A massive Chinese botnet is targeting Microsoft 365 accounts with large-scale password spraying attacks that can bypass multifactor authentication (MFA), according to SecurityScorecard. The botnet, which is made up of over 130,000 compromised devices, is systematically attempting to log into M365 globally using stolen credentials from infostealer accounts. This technique is designed to gain access to sensitive data, emails and collaboration tools across different industries. Attackers can also use compromised accounts to conduct lateral movement…

Key Updates in the OWASP Top 10 List for LLMs 2025

Last November, the Open Web Application Security Project (OWASP) released its Top Ten List for LLMs and Gen AI Applications 2025, making some significant updates from its 2023 iteration. These updates can tell us a great deal about how the LLM threat and vulnerability landscape is evolving – and what organizations need to do to protect themselves.

Sensitive Information Disclosure Risks Grow

In 2023, sensitive information disclosure ranked sixth on the OWASP Top 10 List…

How to Achieve Compliance with NIS Directive

The original NIS Directive came into force in 2016 as the EU’s first comprehensive law governing cybersecurity in member states. As part of its key policy objective to make Europe “fit for the digital age,” the European Commission proposed in December 2020 that NIS be revised, and NIS2 entered into force in January of 2023. Member states were required to transpose it into law by October 17, 2024. NIS2 has been applicable in the European Union…

Quarter of Brits Report Deepfake Phone Scams

Global consumers encountered over one billion fraudulent calls in the final quarter of 2024, with a quarter of Brits and nearly a third (31%) of Americans exposed to deepfakes, according to Hiya. The voice intelligence specialist compiled its Q4 2024 Global Call Threat Report from a January survey of 12,000 global consumers, and a representative sample of calls observed on the Hiya Voice Intelligence Network. It revealed a significant uptick in unwanted calls – including nuisance calls…

How CIOs can help the future suck less than the present

According to Marc Andreessen, sometime between 2006 and 2013, incoming freshmen at Harvard bought into the mantra that “tech is evil.” This has trickled into the general IT mindset. For many outside the profession, IT resembles the portfolio of televised advertisements during Super Bowl LIX: “very little creativity,” “not much in the way of simple, effective storytelling,” “not worth the money,” and “not targeted at me.”

IT’s brighter future starts with stakeholders

The other day…

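3 areas where IT leaders will play a strategic role in 2025

According to a Pulse Survey conducted by PwC last June, 85% of executives in the technology, media and telecommunications sectors said they have the capabilities to use technology to execute and scale business models. In addition, 76% said they plan to use generative AI to strengthen these efforts. Dolen said that while such innovation has high potential, the complexity involved in realizing that potential is also high. It is therefore a prime opportunity, he explained, for CIOs and other technology leaders to play a strategic role in rethinking business models and delivery strategies. According to Dolen, this opportunity simply … disruption…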
