RSS_Virtulization

Just a couple of years of IT experience is all that’s necessary to break into the cybersecurity field with this self-paced training. Image: Sergey Nivens/Shutterstock With the increasingly frequent malware and ransomware attacks, cybersecurity skills are among the most valued in the tech industry, and that isn’t likely to change. So IT professionals who are just at the intermediate level of tech experience can give their careers a boost with the affordable, self-paced Ultimate 2021…

Microsoft is warning its users of a zero-day vulnerability in Windows 10 and versions of Windows Server that is being leveraged by remote, unauthenticated attackers to execute code on the target system using specifically crafted office documents. Tracked as CVE-2021-40444 (CVSS score: 8.8), the remote code execution flaw is rooted in MSHTML (aka Trident), a proprietary browser engine for the now-discontinued Internet Explorer and which is used in Microsoft Office to render web content inside…

Move beyond traditional security strategies to protect against the two most common types of ransomware threats By Jon Toor, CMO, Cloudian The Director of the FBI recently described ransomware as posing a threat comparable in scale to the September 11 terrorist attacks. In light of these comments, and after several high-profile ransomware incidents such as the Colonial Pipeline attack, there should be little doubt that ransomware poses the greatest cybersecurity threat to organizations today. Broadly…

US Government is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware operations to cash out ransom payments. The Biden administration is putting in place all the strategies to disrupt the operations of the ransomware gangs, and according to the Wall Street Journal, it is now planning to target the digital finance infrastructure used by these criminal organizations. The Biden administration is expected to apply sanctions against crypto exchanges, wallets, and…

Office 365 and Azure Active Directory’s security diagnostics are surprisingly useful tools. Image: Virgiliu Obada/Shutterstock We’ve all had spam and phish from compromised Office 365 systems. They’re a prime target for bad actors, as mail from Exchange Online is highly trusted, and with the automation tools Microsoft has developed hackers can use the Microsoft Graph APIs to programmatically send messages in the background, while the owner of the compromised account carries on working without knowing…

Register now for our 15th Annual Infosecurity Magazine Autumn Online Summit The event showcases an extensive education program featuring high caliber speakers and thought leaders in the cyber community as well as offer packed resource centers featuring the latest reports, research and case studies. The event showcases an extensive education program featuring high caliber speakers and thought leaders in the cyber community as well as offer packed resource centers featuring the latest reports, research and…

A former IT executive at a NASDAQ-listed healthcare company is facing more than a quarter of a century behind bars after pleading guilty to insider trading and preparing a false tax return. Dayakar Mallu, 51, of Orlando, Florida, admitted to conspiring with others to trade in the securities of Mylan, which is now a part of global healthcare firm Viatris. Between 2017 and 2019, the former vice president of global operations information technology worked with another…

Millions of consumers may have exposed their personal and payment information after researchers discovered API security vulnerabilities affecting multiple apps. CloudSEK said that of the 13,000 apps uploaded to its BeVigil “security search engine” for mobile applications, around 250 use the Razorpay API to facilitate financial transactions. Unfortunately, it found that approximately 5% of these exposed their payment integration key ID and key secret. This is not a flaw in Razorpay, which serves around eight million…

The US government is reportedly set to announce new measures, including sanctions to deter cryptocurrency businesses from getting involved in laundering and facilitating ransomware payments. People familiar with the matter told the Wall Street Journal that the Treasury could roll out the new sanctions as early as this week. They’ll reportedly target cryptocurrency exchanges and traders who either knowingly or unwittingly enable cybercrime transactions. As part of the measures, the government will also issue new guidance explaining…

Defining the architecture of your cloud environment is becoming increasingly complex, with business needs extending beyond a single provider’s native services, and beyond your own data center or private cloud. Now, as teams seek out the best native services for their applications from multiple cloud providers, and others need compute and data processing at the edge, the question of how you meet those needs with a manageable, secure architecture is less clear. VMware today is…