RSS_Virtulization

A major hotel bookings site has been fined €475,000 after failing to report a serious data breach within the time period mandated by the General Data Protection Regulation (GDPR). Booking.com suffered the breach back in 2018 when telephone scammers targeted 40 employees at various hotels in the United Arab Emirates (UAE). After obtaining their login credentials to a Booking.com system, they were able to access the personal details of over 4100 customers who had booked…

A North Korean espionage campaign targeting security researchers has taken another turn with the creation of a new fake company, website and social media accounts to lure victims, according to Google. The tech giant’s Threat Analysis Group (TAG) first discovered the campaign back in January. At the time, the threat group launched a research blog which it posted links to via fake social media profiles on LinkedIn, Twitter and Keybase. It then approached researchers in…

The latest Honeywell USB Threat Report 2020 indicates that the number of threats specifically targeting Operational Technology systems has nearly doubled from 16% to 28%, while the number of threats capable of disrupting those systems rose from 26% to 59% over the same period. Let’s face it. Critical infrastructure operators in manufacturing, aerospace, energy, shipping, chemical, oil and gas, pulp and paper, water and wastewater, and building automation are heavily relying on USB devices. The…

Most global retailers are predicting an increase in fraud budgets next year, with nearly half seeing an increase in attacks, according to new data from Ravelin. The fraud prevention software vendor polled over 1000 merchants globally to understand their current challenges. It revealed that 45% are seeing an increase in account takeover (ATO) attacks. These efforts aim to hijack consumer accounts to tap them for any stored personal information which could be monetized on the dark web….

The burgeoning commercial space industry needs support from the cybersecurity sector to ensure it can be trusted and resilient, according to Rob Meyerson, founder and CEO at Delalune Space, speaking during the LORCA Live online event. Meyerson is formerly of NASA in a highly technical role and Blue Origin, where he worked alongside Jeff Bezos to create new business lines in areas such as human space flights. He is now focused on investing in new businesses…

Authored by: Gage Mele, Tara Gould, Winston Marydasan, and Yury Polozov Key Findings Anomali Threat Research discovered cyberthreat actors distributing malicious documents exploiting a vulnerability (CVE-2017-8570) during a multi-stage infection chain to install a Visual Basic (VB) executable on target machines. This exploitation creates a backdoor that appears to only retrieve an infected machine’s username, possibly indicating reconnaissance activity. We assess with low confidence, based on limited technical intelligence and targeting consistent with previously observed…