RSS_Virtulization

Key Takeaways for Control 4 Most fresh installs of operating systems or applications come with pre-configured settings that are usually insecure or not properly configured with security in mind. Use the leverage provided by multiple frameworks such as CIS Benchmarks or NIST NCP to find out if your organization needs to augment or adjust any baselines to become better aligned with policies your organization is trying to adhere to. Throughout the CIS Controls, many Controls…

Apple released security patches to fix two zero-day vulnerabilities in iOS and macOS that are actively exploited in attacks in the wild. Apple rolled out security patches to fix a couple of zero-day flaws in iOS and macOS (CVE-2021-30860, CVE-2021-30858), the IT giant also warns its customers that these issues are actively exploited in attacks in the wild, come of which were reported by researchers from Citizen Lab. In August, researchers from Citizen Lab spotted a zero-click…

CDMG – 10th Anniversary – Trip to Walt Disney World Contest – up to $10,000.00 USD in Value – Contest begins September 15, 2021 and ends on December 15, 2021. January, 2022 will mark 10 years of our hard work at building the Cyber Defense Media Group.  Thanks to growing interest, we have over 200,000 opt in email subscribers, millions of annual visitors reading our news, our e-magazines, listening to our podcasts and watching our interviews. …

A serious flaw has been found in the driver of a popular PC gaming software used by millions.  Researchers from SentinelLabs published details of the vulnerability in the HP Omen Gaming Hub on September 14. They said that attackers could exploit the flaw to locally escalate to kernel-mode privileges. “With this level of access, attackers can disable security products, overwrite system components, corrupt the OS, or perform any malicious operations unimpeded,” wrote researchers.  Omen comes preinstalled on…

A medical practice in Arizona has lost nearly all the data entered into its electronic health record (EHR) system due to a cyber-attack.  Desert Wells Family Medicine, which has been serving patients in Queens Creek for 20 years, was attacked by cyber-criminals on May 21. The practice had backed up all its EHR data before the attack took place, but the attackers managed to encrypt both the original files and the backup files using ransomware. The practice…

What you need to know about Licensing Microsoft Windows Server 2022 for VMware Cloud on AWS Microsoft has recently announced that the next version of Windows Server, Windows Server 2022, is now available in the Volume License programs. For those of you who are planning to upgrade and deploy that version on VMware Cloud on AWS, or any Listed Provider, you will want to pay attention to the Outsourcing Software Management. The rules for using…

By using an alternative means of authentication, you can now go passwordless on your Microsoft account. Image: Daniel Chetroni/Shutterstock Those of you who use a Microsoft account to sign into Windows, Office, Outlook or other Microsoft apps and services can now fully jettison your password as another step toward a passwordless future. In a blog post published Wednesday, Microsoft announced that the passwordless sign-in option that rolled out to business users in March is now…

For this week’s executive spotlight, I’m highlighting Kathleen Curry, senior vice president, Global Enterprise Channels at McAfee Enterprise. Curry was named one of CRN’s 2021 Channel Chiefs. Joining the company in April 2020, she was acknowledged for her contributions expanding our partner program initiatives to reward partners for servicing customers in line with their modern needs and consumption preferences. This includes spearheading McAfee Enterprises’ “channel first” initiative and ethos, aimed to better empower our channel partner…

One out of every two on-premises databases has at least one vulnerability, according to a study from Imperva Research Labs. Image: iStock/GaudiLab Exploiting security flaws is one of the major tactics used by cybercriminals to attack organizations. Vulnerabilities are an unfortunate fact of life for operating systems, applications, hardware devices and last, but not least, databases. An attack against a database can easily compromise sensitive and confidential user and customer data. A report released Tuesday…

Three former members of the United States military or United States Intelligence Community (USIC) have been fined for providing hacking-related services to a foreign government.  United States citizens, 49-year-old Marc Baier and 34-year-old Ryan Adams, and 40-year-old former US citizen Daniel Gericke were investigated by the Department of Justice (DOJ) over claims that they had violated U.S. export control, computer fraud, and access device fraud laws.  On September 7, the three men entered into a deferred prosecution…