RSS_Virtulization

By Gary Fischer, VP Americas, XM Cyber Why is cyber-defense such an asymmetrical war? Hackers can launch a barrage of attacks on a single target and keep going until they find one overlooked weakness. Defenders, meanwhile, are often overwhelmed with alerts, unsure what to patch first and have little real visibility into the weaknesses of their ever-changing environments. In a battle between active adversaries who only need to land a single blow to win — and passive defenders…

By Jeremy Thomas, GitGuardian CEO When we started working on GitGuardian’s detection algorithm and got the first detection results, we could not believe it. We were facing a very counterintuitive reality. Secrets were actually hard coded in source code and available for all to see on public GitHub. And not just developers’ personal secrets but also corporate secrets ending up on developers’ personal repositories outside of corporate control. After scanning billions of commits each year…

By Christian Gitersonke, CEO, Health Insurance Answers The Problem Theft of Private Health Information (PHI) has been around almost as long as healthcare in this country. As technology has evolved and safeguards continue to be put in place to protect it, criminals have found ways to exploit the often times inadequate and sloppy protection of our personal health data. Regardless of the technological safeguards in place, one of the greatest exposures we see are employees…

Linux: How to find details about user logins Length: 2:08 | Jun 25, 2021 If you need to gather information on user logins for your Linux servers, Jack Wallen has just the tool for you. Source link

Cybercrime gangs are finding it harder to recruit partners for the affiliate programs that power ransomware attacks. Image: iStockphoto/nicescene The best way to stop the ever-increasing wave of ransomware attacks is to take away the financial incentive behind these cyber crimes. The response to the Colonial Pipeline ransomware attack may be the first step in doing just that. Both governments and hacker forums have made it harder for ransomware gangs to use the ransomware-as-a-service (RaaS)…

A new Trojan written in the Go programming language, tracked as ChaChi, was involved in ransomware attacks against government agencies and US schools. Researchers from BlackBerry Threat Research and Intelligence spotted a new RAT written in the Go programming language, dubbed ChaChi, which has been used by PYSA (aka Mespinoza) operators to target victims globally. The name ChaChi comes from two key components of the malware, Chashell and Chisel.  Chashell is a reverse shell over DNS provider, while Chisel is a port-forwarding tool….

In the United States, young adults are more than twice as likely as older Americans to cyber-stalk their current or former romantic partners. New research by NortonLifeLock found three in five Gen Z and Millennial American adults who have been in a romantic relationship (60% of those ages 18 to 39) have digitally checked up on an ex or current squeeze without their knowledge or consent.  The same admission was made by just a quarter (24%) of…

A high-level member of the notorious organized cybercrime group FIN7 is to spend the next seven years in an American prison. Hacker Andrii Kolpakov was an active member of FIN7 from at least April 2016 until his arrest in Lepe, Spain, on June 28, 2018.  The 33-year-old Ukrainian national, who was referred to within the hacking group as a pen tester, pleaded guilty in June 2020 to one count of conspiracy to commit wire fraud and one count of conspiracy…

By Ron Newman, SVP at NTT Ltd. Security Division The last year has forced organizations into change, both planned and unplanned. Companies have had to pivot, rethink their business strategies and accelerate their digital transformations. A recent study found that nearly 90 percent of decision makers believe the COVID-19 pandemic has forced them to rely on technology more than ever before. For many organizations, this includes moving workloads to the cloud, a migration that has…

By Jerome Becquart, COO, Axiad The pandemic forced organizations to accelerate their journey to passwordless with secure authentication methods such as multi factor authentication (MFA), as individuals were expected to access the corporate network from a diverse number of locations, without compromising security or operational capacity. According to Gartner, 60% of large enterprises and 90% of midsize businesses will be using passwordless authentication by 2024. But passwordless in isolation is not enough. In order to…