RSS_Virtulization

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Chinese state hackers, Data leak, Ransomware, RAT, Botnets, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending…

More than half of employees who work remotely are deliberately ignoring or working around security policies put in place by their company, according to new research.  The insider threat was unearthed during a recent survey of IT and cybersecurity professionals across industries conducted by identity platform Axiad when putting together its 2021 Remote Workforce Security Report. Researchers found that 52% of tech leaders reported that their remote employees had found workarounds to their company’s security policies. “Employees were…

When you’re considering cloud for your workloads and apps—and even more detailed, matching your apps with the right cloud—how do you choose? Cloud computing offers a ton of benefits, but not all cloud environments are created equal. As we continue to see businesses adopting multi-cloud computing, which includes leaving some apps on-prem or in edge locations, it’s important to build a cloud strategy that takes into account the web of applications you’re likely managing. We’ve…

When you’re considering cloud for your workloads and apps—and even more detailed, matching your apps with the right cloud—how do you choose? Cloud computing offers a ton of benefits, but not all cloud environments are created equal. As we continue to see businesses adopting multi-cloud computing, which includes leaving some apps on-prem or in edge locations, it’s important to build a cloud strategy that takes into account the web of applications you’re likely managing. We’ve…

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021. The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 ransomware attacks against Australian organizations in multiple industry sectors starting July 2021. The Australian agency also published 2021-006: ACSC Ransomware Profile – Lockbit 2.0 which includes info related to the activity of the gang, such as initial access, threat activity and mitigations. “The ACSC has received reporting…

  As small and medium businesses begin to re-open following the pandemic, it’s important to do so securely in order to protect customer’s payment card data. Too often, data breaches happen as a result of vulnerabilities that are entirely preventable. The PCI Security Standards Council (PCI SSC) has developed a set of payment protection resources for small businesses. In this 8-part back-to-basics series, we highlight payment security basics for protecting against payment data theft. Today’s…

It’s impossible to guarantee security—but nearly all organizations should take these actions to protect organizational data and systems. Image: Andy Wolber/TechRepublic “During the meeting, [name withheld] said their organization was hacked. Is there anything we should all do?” the email said. Apparently, unauthorized access to an email account allowed a thief to make a financial account transfer that resulted in the loss of tens of thousands of dollars. Larger companies often reduce risk by hiring…

Researchers have found that the sale and purchase of unauthorized access to compromised enterprise networks are influenced by location and industry. IntSights, a Rapid7 company, released new research today that highlights the dark world of network access, with findings showing that underground criminals sell access to organizations for up to $10,000. “Some cyber-criminals specialize in network compromises and sell the access that they have obtained to third parties, rather than exploiting the networks themselves,” explained the researchers….

Windows 11 will turn on hardware security by default but only on new PCs or if you re-image from scratch. But there is a workaround. Image: Microsoft Security is only one of the reasons for the hardware requirements for Windows 11; it’s also about reliability, compatibility and performance. But the hardware security features in the CPUs that Windows 11 will run on reduce malware and ransomware attacks significantly.  SEE: Windows 10: Lists of vocal commands for…

Consumers have been warned about a new “convincing” smishing scam that impersonates international parcel delivery firm DPD. The consumer group Which? provided insights into the smishing campaign, in which scammers attempt to trick recipients into giving away personal information, including payment details. In the scam, consumers receive a text that states: “DPD: We tried to deliver your parcel however no one was available to receive it. To arrange your redelivery, please proceed via: *link.” The Which? researchers…