RSS_Virtulization

No attack type has been as impactful as ransomware in 2021. According to a panel of experts at the DEF CON 29 conference, the rising notoriety and impact of ransomware in 2021 has accelerated the need for both government and the private sector to act—though there was no clear consensus on the panel on exactly what actions should be taken. Chris Painter, co-chair of the Ransomware Task Force, commented that after the ransomware attack against…

Amazon’s Kindle e-reader is a popular device that has been on the market since 2007, with approximately 100 million Kindles in use around the world today. The primary purpose of the Kindle is to enable users to read books. Slava Makkaveev, security researcher at Check Point Software Technologies, had another idea, though; he wanted to see if he could load a book that would exploit the Kindle. At the DEF CON 29 conference, Makkaveev outlined…

Three Disney theme park employees have been arrested in Florida as part of an undercover sting operation to catch sexual predators who target children via the internet. The suspects are among 17 individuals arrested by the Polk County Sheriff’s Office (PCSO) under the Operation Child Protector initiative. The initiative was a joint effort involving detectives from the Auburndale Police Department, Orlando Police Department, Winter Haven Police Department, and Orange County Sheriff’s Office. From July 27…

A data breach at the University of Kentucky has exposed the personal information of hundreds of thousands of students and staff. An annual cybersecurity inspection uncovered the breach, which was caused by a vulnerability in a server associated with the university’s College of Education database.  News source WDRB reported that more than 355,000 email addresses were exposed in the security incident, with victims located across the world.  “The database is part of a free resource program known as the Digital…

An intelligence analyst who illegally obtained classified US government documents on drone warfare and leaked them to a journalist has been sentenced to prison. Daniel Everette Hale met the reporter in April 2013 while attending an event in a bookstore in Washington DC.  In 2014, while working as a cleared defense contractor at the National Geospatial-Intelligence Agency (NGA), Hale printed six classified documents, all of which were later published by a news outlet. Hale later printed 36…

This is the third in a series of blogs on the Cybersecurity EO, and I encourage you to read those you may have missed. (Part 1, Part 2). Between the initial publication of the Executive Order (EO) for Improving the Nation’s Cybersecurity on May 12 and late July, a flurry of activity by departments and agencies continues to occur on how best to understand and address potential security gaps. Once identified, these analyses will facilitate…

Now patched by Amazon, security vulnerabilities found by Check Point would have given attackers access to a Kindle device and its stored data. Image: Amazon Amazon Kindle owners could have exposed themselves to a remote control attack simply by opening the wrong e-book. In a report published on Friday, cybersecurity provider Check Point said that it discovered security holes in the Kindle that would have helped a cybercriminal take full control of the device, potentially…

Spam as a share of global mail traffic rose, and attackers have started to adapt their scams to other languages to reach wider audiences. Image: Vladimir Obradovic, Getty Images/iStockphoto Despite a rise in global spam numbers, adoption of new languages by phishing attackers, new scam types and a shift in the most commonly impersonated business type to phish people, Kaspersky’s Q2 2021 quarterly spam report is described by its authors as “not delivering any surprises.” …

The scam messages try to convince you to enter your Social Security number and other personal info at a website masquerading as your state’s workforce agency. Image: iStock/Melpomenem Scammers are now targeting people who have filed for unemployment insurance through a phishing campaign designed to capture sensitive information. In a warning posted on Wednesday, the FTC warned of a new series of deceptive text messages and emails that lead you to websites spoofing your state’s…