RSS_Virtulization

Back in June, I wrote about the Transportation Security Agency’s (TSA) new security directive concerning pipeline owners and operators. The order mandated those entities to disclose security incidents such as the ransomware attack that affected the Colonial Pipeline Company back in May to the TSA and the Cybersecurity & Infrastructure Security Agency (CISA). It also required pipeline owners and operators to review their current practices, designate someone like a Chief Information Security Officer (CISO) as…

UK employees can now use one single click to flag scam emails to the National Cyber Security Centre (NCSC), with the organization already receiving 6.5 million reports from the public since its original launch. Launched today, the NCSC says it has made it easier than ever for employees in the UK to join the fightback against email scams targeting their organizations. Guidance has been published on how IT administrators can add a new reporting tool…

A regulatory technology (RegTech) company has launched a new campaign to encourage UK organizations to ditch manual “outdated” identification and verification methods for regulated businesses. SmartSearch, based in West Yorkshire, UK, launched its Electronic Verification Uncovered campaign to raise awareness of the dangers of manual ID checks. As part of the campaign, it has published its SmartSearch Index report, conducted by 3Gem Market Research, to highlight the ongoing threat of money laundering in the UK….

As businesses emerge from the pandemic, many are making strategic decisions about their long-term work arrangements. While there is a substantial debate about remaining remote or bringing people back to the office, many companies are choosing to meet in the middle, embracing a hybrid work arrangement that allows people to work both on-site and remotely. According to a Gartner survey of industry leaders across representative sectors, 82% of companies plan to provide a remote work…

OT networks often rely on Windows systems for various ICS applications including HMIs, historians, and data gateways. Beyond that, they also commonly rely on Windows systems to run associated IT-networks. A successful ransomware deployment into either of these networks may prevent engineers from controlling plant operations and lead to an unplanned shutdown. This creates an immediate cost on the organization due to lost productivity. In the worst case, unplanned shutdowns may lead to physical failures…

Taiwanese vendor Synology has warned customers that the StealthWorker botnet is targeting their NAS devices to deliver ransomware. Taiwan-based vendor Synology has warned customers that the StealthWorker botnet is conducting brute-force attacks in an attempt to implant ransomware. Once compromised the device, threat actors employed it in a botnet used in attacks aimed at Linux systems, including Synology NAS. “Synology PSIRT (Product Security Incident Response Team) has recently seen and received reports on an increase…

Jack Cable, a security architect at Krebs Stamos group, and a former U.S. Cybersecurity and Infrastructure Security Agency worker, has started a ransomware payments tracking site called Ransomewhere. Because bitcoin transactions are public, you can see—if you look—who’s getting paid how much. Ransomwhe.re keeps a running tally of ransoms paid based on anonymous self-reporting by the victims of ransomware. The full database is available for free to researchers and all enforcement. SEE: How to manage…

Ransomware operators by income: Top 5 Length: 2:39 | Aug 11, 2021 Ransomware gangs continue because they make a lot of money. Tom Merritt talks about the five most lucrative ones. Source link