RSS_Virtulization

A year after the transition to remote working, many organizations continue to grapple with security issues and weaknesses, says PC Matic. Image: iStockphoto/Igor Kutyaev The coronavirus pandemic and lockdown forced organizations to shift many of their employees to a work-from-home scenario. But such a quick transition opened the door to several security risks, many of which are still around almost a year later. A report published Tuesday by security firm PC Matic looks at the…

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: BlackRock, CopperStealer, Go, Lazarus, Mirai, Mustang Panda, Rust, Tax Season, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats…

With most of the world still not vaccinated against COVID-19, criminals are hawking fake vaccine documents, says Check Point Research. Image: iStock/rosshelen People who get one or two coronavirus shots receive some type of document or certificate confirming the vaccination. At some point, such proof may be required for certain types of international travel. But with only around 6% of the world’s population currently vaccinated, a lot of people are still unprotected, which means they…

The Cloud Security Alliance (CSA) and ISACA have announced the availability of the first credential for auditing the security of cloud security systems. The introduction of the Certificate of Cloud Auditing Knowledge (CCAK) comes amid a huge surge in the adoption of the cloud in the past year, as organizations scrambled to facilitate mass remote working. Developed by the CSA and ISACA, the CCAK credential and training program aims to prepare IT and security professionals…

Popular manga reader MangaDex has decided to rebuild its website after suffering a major breach which compromised its source code and potentially a customer database. The “scanlation” site enables fans of certain titles to read them in their own language for free. However, last Wednesday it discovered an unauthorized individual had managed to gain access to an administrator account, after stealing a session token by exploiting a web vulnerability. The site was brought back online after the…

The black market in coronavirus-related pharmaceuticals and tests continues to grow, with researchers detecting a 350% increase in adverts for supposed ‘vaccines’ over the past three months. Check Point Research revealed new data today claiming that the number of dark web ads for COVID-19 vaccines has trebled since January, with Johnson & Johnson ($600), AstraZeneca ($500), Sputnik ($600) and SinoPharm ($500) brands all on offer for a few hundreds dollars apiece. Dark web activity around…

Speaking in the opening keynote session of the Spring Infosecurity Magazine Online Summit, security awareness advocate Javvad Malik explored what he referred to as the “defenders dilemma” – along with outlining strategies for overcoming the issue. Malik explained that due to various reasons including budget/resourcing challenges, competing business priorities and incomplete data, the defender’s dilemma is that most companies are inefficient defenders. “There is a perception about security that is built up, but it’s not necessarily aligned…

Identity verification firm Jumio has secured a $150m investment from private equity business Great Hill Partners, it has announced. The growth capital represents the largest funding round in the history of digital identity and will fuel innovation and automation within the company, Jumio outlined. The investment will be used to dedicate additional resources to automating identity verification solutions, expand the breadth of the Jumio KYX Platform and grow the suite of AML compliance services, Jumio…

By Amit Bareket, Co-founder and CEO, Perimeter 81 As each day passes by, the news of a new data breach grabs the latest headlines. While there could be many reasons why a breach occurs from stolen credentials, supply chain attacks, or malware, however on many occasions employees are seen as the culprit. According to an industry report by Shred-it, over 47 percent of executives have said that human error is the cause of a data…