RSS_Virtulization

Most US victims of pandemic-related identity fraud in 2020 still have not had their issues resolved, and a third (33%) claim they didn’t have enough money to buy food or pay for utilities last year as a result, according to a new report. The Identity Theft Resource Center (ITRC) based its new 2021 Consumer Aftermath Report on interviews with 427 identity crime victims who contacted the non-profit before and during the crisis. The FTC claimed that…

Attacks against operational technology (OT) and industrial control systems (ICS) grew dramatically in the past few years. Indeed, a 2020 report found that digital attacks against those two kinds of assets increased by over 2000% between 2018 and 2020. Many of those attacks involved vulnerabilities in Supervisory Control and Data Acquisition (SCADA) systems and other ICS hardware components or password spraying techniques. These types of security incidents are dangerous, as malicious actors can potentially misuse…

Tripwire’s May 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Google Chrome, Adobe and Microsoft. First on the patch priority list this month are patches for macOS (CVE-2021-30657) and Google Chrome (CVE-2021-21220). Exploits for these vulnerabilities have been recently added to the Metasploit Exploit Framework. These systems should be patched as soon as possible. Up next is a patch for a memory corruption vulnerability in Internet Explorer. Next on the patch priority list…

Recent ransomware attacks indicate that the current model of cybersecurity isn’t working. It’s time for a wholesale rethink. Image: Bloomberg/Getty Images Once again, cybersecurity has become a headline topic within and well outside technology circles, along with the little-known operator of a significant fuel pipeline: Colonial Pipeline. A ransomware attack, and ensuing panic buying of gasoline, resulted in widespread fuel shortages on the east coast, thrusting the issue of cybersecurity into the lives of everyday…

Enterprises worldwide are making increasingly large investments in public cloud infrastructure to benefit from the promises of improved agility, faster time to market, and decreased risk. Cloud cost management and optimization can become a big challenge as organizations find that the decentralized nature and rapid scale of the public cloud lead to much larger bills than expected. Beyond surprisingly high costs, organizations often find their teams spending more time trying to track and account for…

Attackers could exploit a set of Bluetooth vulnerabilities, affecting the Core and Mesh Profile specifications, to conduct man-in-the-middle (MitM) attacks. Researchers at the french intelligence agency ANSSI discovered multiple flaws in the Bluetooth Core and Mesh Profile specifications that could be used to impersonate legitimate devices during the pairing process and conduct man-in-the-middle (MitM) attacks while within wireless range of vulnerable devices. All the devices supporting Bluetooth Core and Mesh specifications are affected by the above issues and are vulnerable to impersonation…