RSS_Virtulization

Data belonging to up to 1.2 million WordPress customers has been exposed in a security incident at GoDaddy. The domain registrar web-hosting company said on Monday that an unauthorized third party had gained access to its systems by exploiting a compromised password. The intrusion began in September but wasn’t detected until last week.  GoDaddy has hired an IT forensics firm to investigate the incident. While that investigation remains ongoing, cybersecurity specialists have determined that the unauthorized…

When you don’t want to give out your personal or work email address, but still need to sign up for an account, Mozilla might have an answer for you with Firefox Relay. Image: Mozilla Mozilla has announced the availability of a new free and paid Premium service, called Firefox Relay. This new privacy-focused platform makes it possible to hide your actual email address to protect your identity.  SEE: Feature comparison: Time tracking software and systems…

With the acceleration of cloud migration initiatives—partly arising the need to support a remote workforce during the pandemic and beyond—enterprises are finding that this transformation has introduced new operational complexities and security vulnerabilities. Among these are potential misconfigurations, poorly secured interfaces, Shadow IT (access to unauthorized applications), and an increasing number of connected devices and users. To navigate these challenges, enterprises are relying on managed service providers to monitor and protect their cloud environment. To…

Online payment fraud surged by 208% between September and October 2021, indicating that scammers are ramping up attacks on online shoppers in the build-up to this year’s Black Friday. In a new report, cybersecurity vendor Kaspersky discovered 1,935,905 financial phishing attacks disguised as e-payment systems in October 2021. This is more than double the 627,560 attacks detected in the previous month. Interestingly, the researchers didn’t observe any seasonal trends for other types of phishing related to online shopping…

Tenable®, Inc., the Cyber Exposure company, today announced that it has been named Vendor of the Year by Ingram Micro Inc. The annual Ingram Micro Vendor of the Year awards celebrates the success of more than two dozen emerging and established-channel focused vendor organizations across several categories including technology, markets, and communities. The awards were presented virtually in October 2021 at Ingram Micro’s 2022 Marketing Experience Event. “As much of the workforce becomes increasingly distributed,…

Cloud Security Gateways (CSGs) are one of the hottest and most sought-after technologies in the market today, driven by the adoption of cloud services for business transformation and the acceptance of hybrid workforce policies. CSGs, also commonly known as Cloud Access Security Brokers (CASBs), are responsible for enforcing security policies to protect cloud-hosted corporate assets from advanced threats, while enabling seamless and secure access to these assets from any location and device.   We have witnessed an exponential…

Security researchers have warned attackers are abusing months-old Microsoft Exchange Server flaws to send convincing malware-laden phishing emails within organizations. A team at Trend Micro spotted the campaign, which exploits the ProxyLogon and ProxyShell vulnerabilities patched by Microsoft in March and May respectively. By doing so, attackers are able to compromise a victim organization’s on-premises Exchange server, and then send phishing emails to other inboxes in the same organization — disguised as legitimate replies to existing…

The Securities and Exchange Commission (SEC) has warned of a new multi-channel phishing campaign designed to elicit personal and financial information from victims. An investor alert from the regulator revealed that several people have come forward claiming to have received phone calls or voicemail messages from purported SEC staff. The scammers apparently raised concerns about suspicious activity on the recipients’ checking or cryptocurrency accounts in a bid to trick them into handing over more sensitive info —…

The world’s largest manufacturer of wind turbines was forced to shut down IT systems across several locations over the weekend after a cybersecurity incident. In a brief notice on Saturday, Vestas Wind Systems claimed the attack struck the day before, with IT services in multiple business units affected. At the time, the Danish firm said that customers, employees and other stakeholders could be affected by the incident, and that it was working with internal and…