RSS_Virtulization

Las organizaciones se enfrentan a un panorama de amenazas en constante evolución, esa es una de las circunstancias que hacen es imperativo que las organizaciones mantengan una política de gestión de vulnerabilidades actualizada para corregir y controlar las vulnerabilidades de seguridad que pueden conducir a una brecha en la seguridad de la información. Con esto en cuenta, una buena política de gestión de vulnerabilidades debe contener lo siguiente: Una visión general de lo que se…

  Today, the PCI Security Standards Council (PCI SSC) published version 1.1 of the PCI Secure Software Standard and its supporting program documentation. The PCI Secure Software Standard is one of two standards that are part of the PCI Software Security Framework (SSF). The PCI Secure Software requirements provide assurance that payment software is designed, engineered, developed and maintained in a manner that protects payment transactions and data, minimizes vulnerabilities, and defends itself from attacks.

A task force organized by the Institute for Security and Technology has urged the White House to tackle the rise in ransomware attacks and make it harder for cybercrimes to be committed. Law enforcement agencies, cybersecurity experts, and governments came together to make a series of recommendations to the Biden administration that aim to disrupt the illegal activities of threat actors.    A report submitted by the task force contained 48 recommendations, including advice to step up the regulation…

Accenture has entered into an agreement to acquire 12-year-old French cybersecurity services company Openminded.  The Irish multinational consulting and processing services company said that the acquisition would strengthen its security presence and capabilities in France and stimulate Accenture’s growth in Europe. Openminded is a provider of advisory, cyber-defense, cloud & infrastructure security, and managed security services. The company was founded in 2008 and now has over 100 internal staff working in four business units.  In 2020, Openminded’s turnover was…

Law enforcement have arrested a nanny based in Boston on suspicion of sharing child sexual abuse material (CSAM) over the messaging app Kik. An investigation was launched into 36-year-old Roxbury resident Stephanie Lak by the Boston Police Department Crimes Against Children Unit following the submission of a cyber-tip to the National Center for Missing and Exploited Children (NCMEC) on March 2.  Kik’s operator, MediaLab, notified NCMEC of an IP address that had been used to send at…

China-linked APT Naikon employed a new backdoor in multiple cyber-espionage operations targeting military organizations from Southeast Asia in the last 2 years. The Naikon APT group is a China-linked cyber espionage group that has been active at least since 2010 and that remained under the radar since 2015 while targeting entities in Asia-Pacific (APAC) region. Organizations targeted by the group were located in multiple countries around the South China Sea, including the Philippines, Malaysia, Indonesia, Singapore, and Thailand. The…

Comprehensive Tools for Improving Data Security By Sergey Gulyayev, COO, SecureData, Inc. Since 2007, SecureData Inc. has operated on the premise that protecting the world’s most sensitive and vulnerable information requires more than just a single approach. Given the rapid pace of technological innovation and the equally rapid identification of new vectors for cyberattacks, any strategy for mitigation must be flexible and comprehensive. The key to effective data security has always been prevention since no…

The Northern Ireland government has announced a partnership with Immersive Labs and Capita, in which cybersecurity career opportunities will be provided to 16–25-year-olds living in the region. The pilot initiative will offer free access to an enterprise-grade cyber-skills development platform for those who may not otherwise have access to relevant education courses. Initially, the aim is to upskill 1,000 individuals, who will subsequently have job opportunities in large organizations as incident responders, security architects, and…

The threat actors behind the notorious Emotet botnet managed to collect over four million victim email addresses over the past few years, it has emerged. The news came from Troy Hunt, Microsoft regional director and founder of breach notification site HaveIBeenPwned. The FBI recently reached out to Hunt to ask if the site could be used as an intermediary to help those concerned they may have been affected to check their emails against the trove….