RSS_Virtulization

Most discussions around cybersecurity understandably focus on information technology (IT). Assets like cloud services and data centers are typically what companies spend the most time and effort securing. Recently, though, operational technology (OT) has come under increasing scrutiny from leading security experts in both the private and public sectors. In June, for instance, the Cybersecurity and Infrastructure Security Agency (CISA) released a fact sheet about ransomware attacks on OT. The publication references a growing trend…

Today’s VERT Alert addresses Microsoft’s August 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-959 on Wednesday, August 11th. In-The-Wild & Disclosed CVEs CVE-2021-36948 This privilege escalation vulnerability that affects the Windows Update Medic Service (WaasMedic) has been actively exploited. Medic Service is a feature of modern Windows operating systems that repairs and protects your Windows Update components. For example, if you disable Windows Update services, WaasMedic…

A survey by New Zealand’s Ministry of Justice has found that victims of crime in the Land of the Long White Cloud are least likely to report falling prey to cybercrime and sexual assault.  A New Zealander was most likely to contact the police after being impacted by vehicle crime, according to the latest Ministry of Justice New Zealand Crime and Victim Survey. Researchers found that while car crime had an 89% chance of being reported,…

This month’s Patch Tuesday brings us a relatively small number of CVEs being patched, but an abnormally high percentage of noteworthy critical vulnerabilities. Vulnerability Analysis: CVE-2021-34535 One such vulnerability is identified as CVE-2021-34535, which is a remote code execution flaw in the Remote Desktop client software, observed in mstscax.dll, which is used by Microsoft’s built-in RDP client (mstsc.exe). The vulnerability is very closely related to a bug released in July of 2020, CVE-2020-1374, which also…

Judicial approval has been given to a multi-million-dollar settlement concerning a data breach that happened at the University of Pittsburgh Medical Center (UPMC) seven years ago.  The agreement will see UPMC pay $2.65m to 66,000 employees whose personal data was pilfered by former Federal Emergency Management Agency (FEMA) IT specialist Justin Sean Johnson. Detroit resident Johnson (aka TheDearthStar and Dearthy Star on the dark web) hacked into the center’s Oracle PeopleSoft database in 2013 and 2014 using the…

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Chinese state hackers, Data leak, Ransomware, RAT, Botnets, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending…

More than half of employees who work remotely are deliberately ignoring or working around security policies put in place by their company, according to new research.  The insider threat was unearthed during a recent survey of IT and cybersecurity professionals across industries conducted by identity platform Axiad when putting together its 2021 Remote Workforce Security Report. Researchers found that 52% of tech leaders reported that their remote employees had found workarounds to their company’s security policies. “Employees were…

When you’re considering cloud for your workloads and apps—and even more detailed, matching your apps with the right cloud—how do you choose? Cloud computing offers a ton of benefits, but not all cloud environments are created equal. As we continue to see businesses adopting multi-cloud computing, which includes leaving some apps on-prem or in edge locations, it’s important to build a cloud strategy that takes into account the web of applications you’re likely managing. We’ve…

When you’re considering cloud for your workloads and apps—and even more detailed, matching your apps with the right cloud—how do you choose? Cloud computing offers a ton of benefits, but not all cloud environments are created equal. As we continue to see businesses adopting multi-cloud computing, which includes leaving some apps on-prem or in edge locations, it’s important to build a cloud strategy that takes into account the web of applications you’re likely managing. We’ve…

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021. The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 ransomware attacks against Australian organizations in multiple industry sectors starting July 2021. The Australian agency also published 2021-006: ACSC Ransomware Profile – Lockbit 2.0 which includes info related to the activity of the gang, such as initial access, threat activity and mitigations. “The ACSC has received reporting…