RSS_Virtulization

The ransomware changes the device password to “DTrump4ever” and forces the device to log in automatically after being rebooted. Image: iStockphoto/Kritchanut The hackers behind the REvil ransomware have released an updated version of the malware that allows them to change Windows passwords and automate file encryption through Safe Mode, according to a recent report from Bleeping Computer. Researcher R3MRUN also released a detailed breakdown of the attack method on his Twitter account, highlighting that attackers…

Endpoint protection for remote workers is still a huge concern, but one report finds that there may be light at the end of the tunnel as businesses signal they’re spending more on user training. Image: iStockphoto/SARINYAPINNGAM A report from anti-theft software company Prey found that, while cybersecurity concerns regarding remote work are still prevalent, most businesses have taken positive steps to improve their security postures and have improved their security training over the past year….

Microsoft patch Tuesday security updates address four high and critical vulnerabilities in Microsoft Exchange Server that were reported by the NSA. Microsoft patch Tuesday security updates released today have addressed four critical and high severity vulnerabilities in Exchange Server (CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483), some of these flaws were reported by the U.S. National Security Agency (NSA). All the vulnerabilities are remote code execution that could allow attacks to compromise vulnerable installs, for this reason, the IT giant urges…

The reports reveal an increase in requests from U.S. law enforcement agencies, and that the company received the most requests for content removal from China during this period. Image: Lucian Alecu/Getty Images Microsoft has released its latest biannual digital trust reports on the Microsoft Reports Hub. The reports consist of the Law Enforcement Requests Report, U.S. National Security Orders Report, Content Removal Requests Report and Digital Safety Content Report. The tech giant also released its…

The United States has indicted two Pakistani men on suspicion of operating an illegal online store that sold false identification documents on the dark web.  Karachi residents 34-year-old Mohsin Raza and 33-year-old Mujtaba Raza were charged in a six-count federal indictment unsealed in the District of New Jersey on April 15.  Each man is charged with conspiracy to produce and trade in false identification documents, three counts of transferring false identification documents, one count of false use of…

America has issued a cybersecurity advisory that urges organizations to patch vulnerabilities it says are being exploited by Russian Foreign Intelligence Service (SVR) actors. The warning was jointly issued on April 15 by the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI), as the US announced new sanctions against Russia. Titled “Russian SVR Targets US and Allied Networks,” the advisory lists five publicly known vulnerabilities and calls for network…

VMware Cloud on AWS GovCloud (US) has announced several updates over the last few quarters. VMware has been operating this service successfully for the last 15 months in AWS GovCloud (US-West) region – with Federal, Defense, State, and Local Government customers deploying hybrid cloud topologies and extending their data centers to the public cloud. Today we are pleased to announce several exciting updates to VMware Cloud on AWS GovCloud (US). The new networking and security…

By Stas Gaivoronskii, Malware Analyst at ANY.RUN Cybercriminals create new ways to make malware invisible for detection. They hide malicious indicators and behavior during analysis. Researchers need to know about different approaches to improve security. I have investigated evasion techniques that ANY.RUN service faces every day, and I would like to share my insights. Malware evasion Defense evasion is the way to bypass detection, cover what malware is doing, and determine its activity to a…

Ohio PKI-as-a-Service pioneer Keyfactor and Swedish PKI solutions provider PrimeKey have announced their intention to merge. Plans for the companies to come together under the Keyfactor brand “while committing to increased investments across all product lines” were shared on April 15.  PrimeKey was established 19 years ago by the company’s CTO, Tomas Gustavsson, who developed an interest in computer code as a child. Today the company works with partners and customers across six continents from its headquarters in Solna, Stockholm.  Describing how…

The UK data protection landscape is a lot more complex following Brexit. Many organisations are now subject to both the EU GDPR (General Data Protection Regulation) and the UK GDPR (General Data Protection). The UK version was born out of the EU GDPR, so you might think that there are only cosmetic differences and that minor actions are required to adjust your documentation and compliance practices. Unfortunately, it’s not that straightforward. If you haven’t done…