RSS_Virtulization

This blog was written by Kiran Raj & Kishan N. Introduction In the last few years, Microsoft Office macro malware using social engineering as a means for malware infection has been a dominant part of the threat landscape. Malware authors continue to evolve their techniques to evade detection. These techniques involve utilizing macro obfuscation, DDE, living off the land tools (LOLBAS), and even utilizing legacy supported XLS formats. McAfee Labs has discovered a new technique…

Researchers from Kaspersky have spotted a new malware used by the WildPressure APT group to targets both Windows and macOS systems. The WildPressure was spotted for the first time in August 2019 when researchers detected a never-before-seen malware, dubbed Milum, that had no similarities with other samples analyzed by the experts. The Trojan was written in C++ and was employed attacks aimed at organizations from the Middle East. At least some of them are related to industrial sector….

Identifying Attack Surfaces is Key to Protection Mobile Applications By David Stewart, CEO, Approov, Inc. A regular pyramid has 5 surfaces, 4 sloping ones and another as its base. In this article we will walk through the mobile attack pyramid, discussing each of the 5 attack surfaces and recommending best practice for protecting them. An attack surface is the sum of all points that an unauthorized actor targets to access a mobile application’s backend. A…

Former US president Donald Trump has filed lawsuits accusing three California-based tech giants of illegally censoring him. On Wednesday, Trump filed proposed class-action lawsuits in the US District Court in Miami against Twitter, Facebook, Alphabet Inc’s Google (parent of YouTube) and their CEOs. In the suits, Trump alleges that the social media platforms violated the right to freedom of speech guaranteed by the First Amendment of the US Constitution, and he calls for a court order to…

What happened   Microsoft has shipped an emergency security update affecting most Windows users. This update partially addresses a security vulnerability known as PrintNightmare that could allow remote hackers to take over your system.   How does this affect you?   PrintNightmare could allow hackers to gain control of your computer. This means hackers could perform malicious activities like installing their own apps, stealing your data, and creating new user accounts.   How to fix the issue Microsoft recommends Windows 10, 8.1, and 7 users update their computers through Windows Update as soon as possible. Note that an additional patch will…

What happened   Microsoft has shipped an emergency security update affecting most Windows users. This update partially addresses a security vulnerability known as PrintNightmare that could allow remote hackers to take over your system.   How does this affect you?   PrintNightmare could allow hackers to gain control of your computer. This means hackers could perform malicious activities like installing their own apps, stealing your data, and creating new user accounts.   How to fix the issue Microsoft recommends Windows 10, 8.1, and 7 users update their computers through Windows Update as soon as possible. Note that an additional patch will…

What happened   Microsoft has shipped an emergency security update affecting most Windows users. This update partially addresses a security vulnerability known as PrintNightmare that could allow remote hackers to take over your system.   How does this affect you?   PrintNightmare could allow hackers to gain control of your computer. This means hackers could perform malicious activities like installing their own apps, stealing your data, and creating new user accounts.   How to fix the issue Microsoft recommends Windows 10, 8.1, and 7 users update their computers through Windows Update as soon as possible. Note that an additional patch will…

A new study has revealed that nearly all security professionals operating in a multi-cloud environment believe it’s riskier than relying on a single cloud provider. The research, published today by global security and compliance solutions provider Tripwire, is based on a June 2021 survey of 314 security professionals with direct responsibility for the security of public cloud infrastructure within their organization. Nearly three quarters (73%) of those surveyed currently work in a multi-cloud environment. Of those, 98%…

Cyber-scammers are exploiting public interest in the latest Marvel movie to spread malware infections.  The eagerly anticipated premiere of Disney’s Black Widow is scheduled to take place simultaneously offline in movie theaters and online via streaming services tomorrow. However, cyber-criminals have been illegally monetizing interest in the new flick for months, according to research by cybersecurity company Kaspersky. To gauge the extent of scamming involving the release, Kaspersky experts analyzed malicious files impersonating the new Black…

Jack Wallen shows you how to configure specific DNS servers for your Docker container deployments. Image: Shutterstock/roman-Samborskyi When you deploy a container on your network, if it cannot find a DNS server defined in /etc/resolv.conf, by default it will take on the DNS configured for the host machine. That may be fine and dandy for certain situations. But what if (maybe for security reasons), you do not want your containers using the same DNS as…