RSS_Virtulization

NIST’s timely new release of Special Publication (SP) 800-172 (formerly referred to in draft form as 800-171B) provides exactly what its title says, Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST SP 800-171. Yet it goes a step further to protect controlled unclassified information (CUI) specifically from APTs. According to Scott Goodwin, IT audit and security supervisor with OCD Tech and Tripwire guest blog contributor, the latest NIST guidance “…introduces 33…

Increasingly complex threats, staffing shortages, and rising costs are driving investments in security automation By Chris Triolo, Vice President of Customer Success, FireEye The cybersecurity landscape is becoming ever more complex as the number and sophistication of threats continue to rise across all channels and industries. Ransomware, phishing, supply chain attacks and other threats have all grown dramatically over the past year. The FBI reported that complaints made to its Internet Crime Complaint Center (IC3)…

By Mazen A. Dohaji, Vice President, India, Middle East, Turkey & Africa (iMETA), LogRhythm. Throughout 2020, enterprises and public sector organizations across the Middle East have been managing disruption and finding new ways to work. The challenge as we begin 2021 is to not just survive but thrive in this new business environment. That requires adopting new tools and creating a secure foundation that keeps users connected and moving forward. While many organizations have experienced…

On April 15-16, 2021, VMware is heading to the AWS Public Sector Summit and we’re hoping you are, too. We have a lot to share. From our video on-demand session to one-on-one chats with our cloud experts at our online booth, you’ll hear the latest on how VMware helps educational, government and healthcare organizations accelerate their cloud migrations and application modernization. Our video on-demand session (Session ID: SPN202) features Andrew Nielsen, VMware Senior Director of…

Facebook has closed accounts used by a China-linked APT to distribute malware to spy on Uyghurs activists, journalists, and dissidents living outside China. Facebook has taken action against a series of accounts used by a China-linked cyber-espionage group, tracked as Earth Empusa or Evil Eye, to deploy surveillance malware on devices used by Uyghurs activists, journalists, and dissidents living outside China. “Today, we’re sharing actions we took against a group of hackers in China known in the security industry…

An American healthcare provider whose data was allegedly exfiltrated to an Amazon storage account by a cyber-attacker has taken legal action against Amazon.  As many as 85,688 patient and employee records were compromised last week when a threat actor seemingly based in Ukraine struck SalusCare, the largest provider of behavioral healthcare services in Southwest Florida. The attacker is believed to have gained access to SalusCare’s Microsoft 365 environment after an employee clicked a malicious link in a phishing…

Looking for an easy-to-deploy VPN server for your data center? Jack Wallen walks you through the steps for installing the open source Pritunl solution. Image: iStockphoto/Igor Kutyaev At this point in the game, you probably have several employees that will be working from home permanently. That being the case, you might need to deploy a VPN or two, to virtualize your private networks. There are several tools available to make this possible. One such VPN…

Four states have been chosen by the National Governors Association (NGA) for its 2021 Policy Academy to Advance Whole-of-State Cybersecurity.  Kansas, Missouri, Montana, and Washington have all been selected by the NGA Center for Best Practices to work directly with the NGA on cybersecurity governance, workforce development, and government partnership policies.  “Representatives of the four states will convene in-state workshops to create action plans for strengthening state cybersecurity; participate in regularly scheduled convenings with NGA staff on…

The Federal Bureau of Investigation has issued a flash alert to Americans highlighting the dangers of Mamba ransomware. According to the Bureau, Mamba has been deployed against local governments, public transportation agencies, legal services, technology services, and industrial, commercial, manufacturing, and construction businesses. The ransomware works by weaponizing an open source full-disk encryption software called DiskCryptor. By encrypting an entire drive, including the operating system, the software restricts victim access.  “DiskCryptor is not inherently malicious but has been weaponized,” said…