RSS_Virtulization

As businesses move to the cloud, threat actors have kept pace, which makes their attacks harder to detect and more effective than ever. Image: jctabb/Shutterstock The latest escalation of the cybersecurity arms race finds threat actors following their targets into the cloud as they start to launch difficult-to-detect attacks by leveraging trusted domains owned by companies like Google and Microsoft. According to a blog post from cybersecurity software company Proofpoint, cloud collaboration tools like Microsoft…

We’re all impatient these days, we want things fast and we want them all at once, especially when it comes to technology. In 2010, Intel even had an ad campaign about how watching the hourglass whilst waiting for something to load can lead to stress! They called it “Hourglass Syndrome” and I’m sure we can all relate. But why is it that we hear AI/ML workloads in particular need more performance? Is it because we’re…

The UK privacy regulator has fined a QR code provider that abused its access to personal data to spam individuals with direct marketing at the height of the pandemic. The Information Commissioner’s Office (ICO) explained in a notice yesterday that it fined St Albans firm Tested.me £8000 after it send the marketing email without gaining adequate valid consent from data subjects. The firm provided clients with contact tracing services by enabling them to offer customers…

Some 90% of cyber-attacks investigated by a leading security vendor last year involved abuse of the Remote Desktop Protocol (RDP), and ransomware featured in 81%. The figures come from a new Active Adversary Playbook 2021 compiled by Sophos from the experiences of its frontline threat hunters and incident responders. It revealed that, while RDP is often used to gain initial access into victim organizations, especially during ransomware attacks, it was also hijacked by attackers in…

CSO Online | May 19, 2021 The SolarWinds breach represents a tectonic shift in threat actor tactics, suggesting this kind of attack vector will be replicated. Not only were the attacker’s sophistication and technical proficiency high — allowing them to stay in stealth mode — they also understood the supply chain. Join us to learn how improved identity management and governance surrounding software components, along with workload runtime protection, are critical strategies in guarding against…

Amazon’s, Google’s and Microsoft’s experiences with building massive infrastructures for the world allows for some fascinating insights into the future of IT security at scale. As a result, when Google published The CISO’s Guide to Cloud Security Transformation earlier this year, I was curious about what priorities they saw in cloud security. It’s a short read, and it’s well worth the time invested in downloading a copy.  I want to share my observations on some…