RSS_Virtulization

Misconfiguration of back-end cloud services by more than 20 mobile app developers may have exposed the personal data of over 100 million Android users, according to researchers. A team at Check Point investigated 23 Android applications in a new piece of research, and found users’ emails, chat messages, location, passwords and photos all exposed by poor security practices. There were three main issues. First, misconfiguration of the real-time databases that developers use to store data…

MITRE ATT&CK stands for MITRE Adversarial Tactics, Techniques and Common Knowledge. It’s a curated knowledge base of adversarial behavior based on real-world observation of APT campaigns. The original impetus for the project was to answer the question, “How are we doing at detecting documented adversary behavior?” MITRE ATT&CK v1 was released in 2015, and since then, it has seen rapid growth and adoption across multiple domains such as risk management, threat intelligence, incident response and…

As has long been the tradition at the annual RSA Conference, the final panel event is the Top 5 Most Dangerous New Attack Techniques session, and the virtual 2021 edition of the conference was no exception. Ed Skoudis, fellow and director at SANS Institute, identified undermining software integrity as one of the biggest attack vectors that he is seeing today. Software integrity includes supply chain security for all the embedded libraries and components that make…

There are a number of common executive cybersecurity roles today, including chief security officer (CSO) and chief information security officer (CISO), and now it’s time to add one more – the chief product security officer (CPSO). In a session on May 20 at the 2021 RSA Conference, Chris Wysopal, founder and CTO at Veracode, and Joshua Corman, chief strategist for the healthcare sector at CISA, outlined why it’s time for organizations to have a chief product…

SANTA CLARA, Calif., May 20, 2021 /PRNewswire/ — Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, announced today financial results for its fiscal third quarter 2021, ended April 30, 2021. Total revenue for the fiscal third quarter 2021 grew 24% year over year to $1.1 billion, compared with total revenue of $869.4 million for the fiscal third quarter 2020. GAAP net loss for the fiscal third quarter 2021 was $145.1 million, or $1.50 per diluted share, compared with GAAP…

The global cyber-threat environment is the “worst it’s ever been” due to the increasingly reckless behavior of the four major nation-state actors in this area: China, Russia, North Korea and Iran. That was the message of Dmitri Alperovitch, chairman, Silverado Policy Accelerator, and Sandra Joyce, executive vice president, head of global intelligence at FireEye, who provided the annual Global Threat Brief during a keynote session on day 3 of the 2021 RSA virtual conference. Alperovitch…

App developers are failing to properly set up and secure access to third-party services, putting user data at risk, says Check Point Research. Image: Check Point That mobile app you’ve been using could be exposing your personal data to the wrong people, not because of the way the app is designed but because of the way it taps into third-party services. As described in a report released on Thursday, cyber threat intelligence firm Check Point…