RSS_Virtulization

Threat actors hacked email servers of the FBI to distribute spam email impersonating FBI warnings of fake cyberattacks. The email servers of the FBI were hacked to distribute spam email impersonating the Department of Homeland Security (DHS) warnings of fake sophisticated chain attacks from an advanced threat actor. The message tells the recipients that their network has been breached and that the threat actor has stolen their data. “Our intelligence monitoring indicates exfiltration of several…

More than 5,300 malicious websites have popped up each week, the highest since the start of 2021, says Check Point Research. Image: iStock/tevarak The 2021 holiday season is a busy time for people as they get ready to shop, both at physical stores and at online sites. But of course, this is also a busy time for cybercriminals as they get ready to exploit the season to target consumers with scams. SEE: Fighting social media phishing…

Yet another consumer is disturbed by the sketchy algorithms deployed by Facebook. Here’s how the app knows what you’re talking about and what to do about it. Image: Chesnot / Getty Images This past weekend, my mother-in-law came for a visit. During her stay, something happened to cause her great concern. Let me set the stage. Everyone was gathered around the dining room table, having a grand time. One of the kids brought out a…

A recently published report from the US Government Accountability Office (GAO) has warned that official security guidance from the Department of Education is out-of-date, and needs to be refreshed to address the increasing reports of ransomware and other cyber threats. According to the GAO report, the current plan for addressing threats to K-12 schools was developed and issued in 2010 and has not been updated to deal with the changing nature of cybersecurity attacks, such…

In this episode, Tripwire’s Senior UX Researcher, Martina Dove, uses her psychology research to explain to us how the brain operates when presented with a cyberscam. She also discusses her model for identifying fraud susceptibility and what we can do to prevent falling for these scams. Spotify: https://open.spotify.com/show/5UDKiGLlzxhiGnd6FtvEnmStitcher: https://www.stitcher.com/podcast/the-tripwire-cybersecurity-podcastRSS: https://tripwire.libsyn.com/rssYouTube: https://www.youtube.com/playlist?list=PLgTfY3TXF9YKE9pUKp57pGSTaapTLpvC3 Tim Erlin: When we speak about cybersecurity, we often focus on many of the technical aspects of how to secure our businesses as well…

It’s no surprise, but the security threat landscape is rapidly becoming more sophisticated, as evidenced by the Colonial Pipeline, Kaseya, and SolarWinds attacks earlier this year. Considering the pace of digital transformation in today’s business, a single cyberattack can bring a company’s operations to a standstill. In June, FBI Christopher Wray commented that the cyber threat is increasing “almost exponentially” and the FBI was looking into more than 100 different ransomware variants, a three-fold increase…

The US and Israel yesterday announced a new bilateral partnership designed to tackle ransomware. The move comes as part of the new US-Israeli Task Force launched on Sunday slated to cover Fintech Innovation and Cybersecurity more broadly. Its participants are currently working on a Memorandum of Understanding (MoU) to support joint activities, including information sharing in threat intelligence, security guidance and regulations. Also mooted are staff training, study visits and cross-border competency-building initiatives such as cybersecurity exercises…

The US authorities have released a new industrial control systems (ICS) alert urging impacted organizations to patch key middleware or risk denial of service and remote code execution attacks. The Cybersecurity and Infrastructure Security Agency (CISA) pointed to a series of vulnerabilities impacting open-source and proprietary implementations of the Object Management Group (OMG) Data-Distribution Service (DDS). The bugs are found in multiple vendors’ equipment: CycloneDDS, FastDDS, GurumDDS, OpenDDS, Connext DDS Professional, Connext DDS Secure, Connext…