RSS_Virtulization

Online fraud is getting sneakier and stealthier as mischievous operatives evolve their techniques. Learn some of the unique tricks afoot today and how to spot them. Image: Disney My family and I enjoyed the TV show “Loki,” which portrays the god of mischief entailed in various shenanigans. I thought how many “variants” of Loki are online—albeit less charismatic—trying to pull off fraudulent tricks to bilk victims out of money or identity information. The tricks are…

To remain competitive in the digital age, organizations frequently introduce new hardware devices and software installations to their IT environments. The problem is that these assets might suffer from vulnerabilities that attackers could misuse, if unpatched, to change a device’s configuration or make unauthorized modifications to some of the organization’s important files. Either of these scenarios could help threat actors to establish an initial foothold on the network, access which they could then leverage to…

US government security experts have urged system administrators to patch two critical flaws in widely used Cisco and Atlassian products, exposing them to compromise. In a rare move, US Cyber Command took to Twitter before the Labor Day holiday weekend on Friday to address the Atlassian bug. “Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to accelerate. Please patch immediately if you haven’t already—this cannot wait until after the weekend,” it warned. Atlassian issued…

The US Securities and Exchange Commission (SEC) has warned investors not to fall for scams capitalizing on the Hurricane Ida recovery and clean-up operation. The regulator’s Office of Investor Education and Advocacy claimed that disasters including hurricanes, floods and oil spills often attract opportunistic fraudsters, who use email and social media to promote their scams. “These scams can take many forms, including promoters touting companies purportedly involved in clean-up and repair efforts, trading programs that falsely guarantee…

One of America’s largest school districts has informed students, alumni, parents and employees that personal data from the past 11 years was exposed after a third-party gained unauthorized access to it. The Dallas Independent School District (ISD) claims to serve 145,000 students in 230 schools across the region and boasts 22,000 employees. However, it revealed last Friday that it was notified about a data security incident on August 8. Although the district is still working out which…

On May 13, Verizon released its Data Breach Investigations Report (DBIR) 2021. This annual publication serves many purposes. It yields context into what security analysts are seeing, for instance. But it also affects organizations’ security postures at an even higher level. Here’s Anthony Israel-Davis, research and development manager at Tripwire, with more: One thing that the DBIR does is it takes the things that are going on in the cybersecurity space, particularly with breaches and…

Data breaches are now part of doing business, with many companies having been affected. Data is very valuable to criminals because it is often used to commit fraudulent activities as well as to enhance the credibility of scams. Data that is stolen ranges from Social Security Numbers (SSNs) to other identification documents and payment details. Scammers can do a great deal with just one or two pieces of personal information. A talented scammer in possession…

Understanding and implementing MFA and strong password protocol. By Jeff Severino, CyberLock Defense, Lockton Affinity The importance of multi-factor authentication and password security is critical. Often, it is your best line of defense for protecting all your data, devices and systems from unauthorized access. Unfortunately, many don’t take password security seriously, which makes them especially vulnerable to hackers. Good password security can help protect you from data breaches, network intrusions, malware and viruses. It can…

By Joseph Carson, Advisory CISO, ThycoticCentrify Many organizations are coming to the harsh realization that it’s only a matter of when, not if, they will fall victim to a cyberattack. These attacks can range from data breaches to ransomware to Distributed Denial of Service (DDoS) attacks and are often a result of malicious actions by cybercriminals or nation-state actors operating from different parts of the globe. There is no shortage of technology designed to defend…

Cybersecurity training is not the same across all companies; SMB training programs must be tailored according to size and security awareness. Here are an expert’s cybersecurity training tips. Image: Jaiz Anuar/Shutterstock Who better to give advice about how small- or medium-sized businesses should handle cybersecurity than an organization and expert with currency in helping SMBs survive? Anete Poriete, UX researcher at CyberSmart, in her Real Business article, The Best Practises for Cybersecurity Training in SMEs…