RSS_Virtulization

“Pasa a la nube” ha sido la respuesta vez más común en los últimos años para abordar el problema de cómo manejar cantidades masivas de datos. Por un lado, es comprensible, usar infraestructura propiedad de un tercero con equipos dedicados a implementar la seguridad desde su diseño, pruebas continuas y la validación suena atractivo. Sin embargo, lo que muchos no toman en cuenta si bien la infraestructura de terceros está protegida y se prueba con…

As we say goodbye to 2020 and spend time reflecting on the industry changes, reassess our workflows and procedures in order to identify where 2021 will bring us, it’s a brilliant time to also address our security practices and ways we can bring improvement to those, as well. After considering the top challenges I saw with development teams and security teams within development environments, I came up with a list of ways to focus our…

Ransomware and DDoS is on the Rise: Tips for Distance Learning in 2021 The holidays have come and gone, and students returned to the virtual classroom. But according to the FBI, cyberattacks are likely to disrupt online learning in the new year. As of December 2020, the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and MS-ISAC continue to receive reports from K-12 educational institutions about the disruptions caused by cyberthreats, primarily ransomware and Distributed Denial…

Ransomware and DDoS is on the Rise: Tips for Distance Learning in 2021 The holidays have come and gone, and students returned to the virtual classroom. But according to the FBI, cyberattacks are likely to disrupt online learning in the new year. As of December 2020, the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and MS-ISAC continue to receive reports from K-12 educational institutions about the disruptions caused by cyberthreats, primarily ransomware and Distributed Denial…

Oracle’s first Critical Patch Update of 2021 addressed 329 security updates across 25 product families, including five new critical flaws in Oracle WebLogic Server. Background On January 19, Oracle released the Critical Patch Update (CPU) for January 2021, its first quarterly release for the year. This quarterly update contains fixes for 202 CVEs in 329 security updates across 25 Oracle product families. Out of the 329 security updates published this quarter, over 42% were assigned…

Two women in Kentucky have been arrested in connection with a year-long cybercrime operation involving stolen identities and fraudulent benefit claims.  An investigation was launched by police in West Buechel at the beginning of January when they received a call from a local branch of the bank BB&T to say that a fraudulently authorized check for nearly $40,000 had just been cashed.  Police traced the fraudulent check to 57-year-old Lori Davis and subsequently obtained a search…

  Picture an infant with a credit card.In her name. With a $10,000 limit. Well, it happens. As recent as 2017, it was estimated that more than 1 million children in the U.S. were victims of identity theft. Of them, two-thirds were under the age of seven, and the total losses connected to all this fraud weighed in $2.6 billion dollars. As I mentioned in part one of our article on the connected lives of…

Researchers identify seven vulnerabilities in popular Domain Name System software. Background On January 19, researchers from the JSOF Research lab disclosed seven vulnerabilities in dnsmasq, a widely used open-source application for network infrastructure. Dubbed “DNSpooq” by the JSOF team, the acronym is a play on words as the vulnerabilities allow for Domain Name System (DNS) spoofing. The JSOF team also released a detailed whitepaper with technical details around their research. Image Source: JSOF The vulnerabilities…