RSS_Virtulization

Nearly three-quarters (72%) of IT leaders are concerned that tools and techniques used by nation-states will eventually end up in the hands of cyber-criminals and be used to attack their organization, according to HP. The findings come from a poll of 1100 IT decision-makers in the UK, the US, Canada, Mexico, Germany, Australia and Japan. Ian Pratt, global head of security, personal systems at HP, argued that such concerns are well-founded. He cited recent events such as…

The US Census Bureau has been heavily criticized by a government inspector after a 2020 breach which could have been prevented by prompt patching. Although the attacker was not able to access servers used for the 2020 census, they could modify user account data to prepare for remote code execution, according to the US Office of Inspector General (OIG) report. Fortunately, the attacker’s attempt to maintain access to the system by creating a backdoor was unsuccessful, thanks to the Bureau’s firewalls….

T-Mobile has admitted that threat actors have stolen personal information on 48.6 million current, former and prospective customers. The US carrier revealed in a notice yesterday that the breach affected 7.8 million current T-Mobile post-paid customer accounts, over 40 million records of former or prospective customers who had applied for credit and 850,000 active T-Mobile prepaid customers. Previous reports had claimed that over 100 million customers might have been hit after a threat actor offered customer records for sale on…

With increased internet usage during the new normal of remote working, phishing attacks continue to challenge business security defenses. Cyberthugs often distribute malicious codes via various kinds of phishing baits, causing severe consequences to organizations’ critical digital infrastructure. A joint study from Proofpoint and Ponemon Institute revealed that the financial damages from phishing attacks have skyrocketed amid distributed work environments. The 2021 Cost of Phishing Study found that phishing attacks cost organizations nearly $14.8 million (over…

Communication with instructors and students is still crucial to fighting ransomware attacks against higher education institutions, though there needs to be a safety net, a group of university cybersecurity officials said during a panel discussion Thursday. Schools are centralizing data storage, adopting multi-factor authentication and segmenting networks for students, staff and researchers to protect data in case of a breach, panelists said. Mary Dickerson, the chief information security officer at the University of Houston, said…

No discussion on ICS attacks could be complete without talking about what some would call, ‘the elephant in the room.’ Critical infrastructure has always been a target for warfare, and modern ICS are no exception. Several high-profile ICS disruptions have in fact been attributed to malicious hackers working at the behest of a military or intelligence agency. Looking at Examples of APTs The potential impact of a wartime ICS cyber incident is hard to understate….

By Olivia Gallucci, Cybersecurity Reporter, Cyber Defense Magazine I interviewed approximately sixty industry leaders from over forty companies who attended Black Hat. Although this article series—The Optis—can be read as a traditional Black Hat recap, I specifically highlight twenty-one companies that stand out and whose growth I recommend watching. Rochester Institute of Technology’s Cybersecurity Club, RITSEC, inspired the metrics I used to analyze and rank companies. Specifically, I adopted RITSEC’s motto, “Security Through Community,” while…

A former United Airlines employee has been sent to prison for stealing passengers’ financial data and using it to make fraudulent purchases.  Hayder Lefta, of Manchester, New Hampshire, worked as a customer service representative at Manchester-Boston Regional Airport in 2018 and 2019. Court documents showed that while assisting customers at the airport, the 25-year-old made a copy of their credit card numbers.  Lefta later used these stolen card details to purchase airline flights and meals…