RSS_Virtulization

Most of us don’t have responsibility for airports, but thinking about airport security can teach us lessons about how we consider, design and execute IT security in our enterprise. Airports have to be constantly vigilant from a multitude of threats; terrorists, criminals, rogue employees and their security defenses need to combat major attacks, individual threats, stowaways, smuggling as well as considering the safety of passengers and none of this can stop the smooth flow of…

Rapid7 has announced the acquisition of open source software technology and community Velociraptor. The move will enable Rapid7 to enhance its incident response capabilities by leveraging Velociraptor’s open source platform, which is used for endpoint monitoring, digital forensics and incident response. Velociraptor was developed to help digital forensics and incident response (DFIR) professionals to discover and monitor malicious activities. The platform’s community style also allows DFIR pros to share their insights with one another. It’s…

Cybercriminals go to great lengths to hack personal devices to gather sensitive information about online users. To be more effective, they make significant investments in their technology. Also, cybercriminals are relying on a tactic called social engineering, where they capitalize upon fear and urgency to manipulate unsuspecting device users to hand over their passwords, banking information, or other critical credentials.  One evolving mobile device threat that combines malware and social engineering tactics is called BRATA. BRATA has been recently upgraded by its malicious creators and several strains have already been downloaded thousands of times, according to a McAfee Mobile Research Team report.  …

Security firm launches 18-question test to measure what employees think of security practices and how comfortable they are with calling out possible risks. Image: iStock/NicoElNino Most cybersecurity training teaches users to spot phishing emails or explains how to report suspicious activity. Security company Infosec is taking a different approach by measuring a company’s security culture. This user assessment aims to understand employee attitudes about security and their comfort level in contacting the security team.  Jack…

The UK government is pushing forward with legislation that imposes new security obligations on the manufacturers of Internet of Things (IoT) devices, the Department of Digital, Media and Sport (DCMS) has announced today. The announcement has come amid growing use of IoT devices, with the UK government highlighting figures from the end of last year showing that almost half (49%) of UK residents have purchased at least one smart device since the start of the…

Experts have urged organizations to reassess cyber-risk in their supply chains as it emerged that hundreds of customers of a software auditing company had their networks accessed illegally. Originally thought only to have affected the supplier, San Francisco-based Codecov, the incident is now believed to have been a deliberate supply chain attack likened in sophistication to the SolarWinds operation. Investigators told Reuters that the attack had already led to hundreds of customers’ networks being accessed….

Con artists targeting those in search of shots – NBC’s Liz McLaughlin has details (NBC News) – Con artists are trying to cash in on the coronavirus pandemic! The surge is cases may be behind us, but the surge in scams goes on. In fact, they’re on the rise since the vaccine rollout. “I just got my first shot today.” For many Americans, a COVID-19 vaccine is a ray of hope for the return of…