RSS_Virtulization

Experts found a bug in Apple’s wireless file-sharing protocol Apple AirDrop that could expose user’s contact information. Boffins from the Technical University of Darmstadt, Germany, have discovered a privacy issue in Apple’s wireless file-sharing protocol Apple AirDrop that could expose user’s contact information, such as email addresses and phone numbers. “A team of researchers from the Secure Mobile Networking Lab (SEEMOO) and the Cryptography and Privacy Engineering Group (ENCRYPTO) at TU Darmstadt took a closer look at this mechanism…

The latest update to Apple’s Big Sur includes critical security patches, which is why Cory Bohon advises upgrading your macOS devices now. Image: Screenshot by Stephen Shankland/CNET Apple released macOS 11.3 on April 26, 2021 to the public. The 11.3 update to Big Sur is available to all compatible systems.  This update includes a serious security update that fixes a zero-day exploit related to the File Quarantine and GateKeeper system in macOS. The security update…

The attack was reportedly pulled off by the Babuk gang, which has already leaked screenshots of some of the stolen data. vchal, Getty Images/iStockphoto Another government agency has found itself the victim of a ransomware attack, and this time it’s Washington, D.C.’s own police department. Serving the nation’s capital, the Metropolitan Police Department (MPD) has acknowledged unauthorized access on its server, an attack for which the Babuk Locker gang has claimed responsibility, according to BleepingComputer…

Law enforcement officers in the United States have arrested a man on suspicion of laundering hundreds of millions of dollars’ worth of Bitcoin (BTC) through a cryptocurrency mixing service. A crypto-mixing service—also known as a cryptocurrency tumbler—obscures the original source of potentially identifiable or “tainted” cryptocurrency by jumbling it up with other funds in a single pool.  An arrest warrant for Roman Sterlingov was successfully executed in Los Angeles, California, on April 27 and filed in the United…

Wyoming’s Department of Health (WDH) has announced the accidental exposure of personal health information belonging to more than a quarter of the state’s population on GitHub.com. The data breach occurred when fifty-three files containing laboratory test results were “inappropriately handled” by an employee.  News of the security incident was published on the department’s website yesterday along with a response plan. WDH detected the breach on March 10. An investigation into the incident revealed that the health information…

Tenable Holdings has completed its acquisition of Active Directory security startup Alsid SAS. The deal, which was first announced in February, was officially closed on April 26 with a cash payment of $98m. Alsid was founded in France in 2016 by Emmanuel Gras and Luc Delsalle, two former incident responders from the French National Cybersecurity Agency (ANSSI). The newly acquired company is best known for its Software as a Service (SaaS) solution that allows organizations to monitor the security of Active…

G7 nations have signed a new declaration that promises to boost online safety worldwide in accordance with open democratic principles. The joint ministerial declaration, signed by tech leaders from the UK, Canada, France, Germany, Italy, the US, and the EU, agreed on a range of principles to tackle cyber-risks. These emphasize that any action taken to tackle cybercrime must support democratic ideals and respect human rights and fundamental freedoms. The announcement has come amid growing…

The phishing emails use a Microsoft logo within an HTML table, which is not analyzed by security programs, says Inky. Image: Getty Images/iStockphoto Cybercriminals who specialize in phishing campaigns are always inventing new tactics to sneak past traditional security tools. In a recent campaign discovered by email security provider Inky, attackers impersonating Microsoft are using a devious method to spoof the software giant’s latest logo. Released on Wednesday, Inky’s report “The Microsoft Table Logo Impersonation…

Hotspots, for those who don’t know, are points of internet connection, allowing you to access them. One you may be familiar with is the one found on your mobile device and the ones available at cafes, restaurants, hotels, airports, and other public places. Your phone, in this case, acts as a router. But is your phone having its hotspot open safe? And what about public Wi-Fi hotspots? The ones anyone can just enter? Let’s explore:…

Palo Alto Networks’ cloud-native security suite is getting a bundle of new features to automate VM security and add malware protection to CI/CD workflows, among others. Image: Palo Alto Networks Palo Alto Networks has announced a series of updates coming to its Prisma Cloud platform that the company said automatically protects cloud-hosted virtual machines and can “increase automation and detection, simplify compliance checks and deepen visibility into malware threats for containers and hosts.” Prisma Cloud…