RSS_Virtulization

Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server which can be run standalone or in conjunction with IIS (Internet Information Services) and is used to broker internet traffic via HTTP network requests. The vulnerability is very similar to CVE-2015-1635, another Microsoft vulnerability in the HTTP network stack reported in 2015. With a CVSS score of 9.8, the vulnerability announced has the potential to…

58% of survey respondents consider human error their organization’s biggest cyber vulnerability as hybrid workforce presents new challenges for cybersecurity teams SUNNYVALE, Calif., May 12, 2021 – Proofpoint, Inc. (NASDAQ: PFPT), a leading cybersecurity and compliance company, today released its inaugural 2021 Voice of the CISO report which explores key challenges facing chief information security officers (CISOs) after an unprecedented twelve months. Sixty-six percent of CISOs feel their organization is unprepared to handle a cyberattack and…

Tune in as host Peter McKee turns over the controls to Brandon Waterloo for a show-and-tell of how to work with Docker and Visual Studio Code (VSCode). A senior software engineer at Microsoft, Waterloo is the lead developer of the Docker extension and works mainly on the Docker extension for VSCode. VSCode is a streamlined source-code editor made by Microsoft for Windows, Linux and macOS that’s fine-tuned for building and debugging modern web and cloud…

Cyber-criminals appear to have leaked online data belonging to the Metropolitan Police Department of the District of Columbia after the law enforcement agency allegedly failed to comply with a ransom demand.  In April, ransomware gang Babuk claimed to have stolen more than 250GB of data from the MPD. Data posted by the gang to back up their claim appeared to contain MPD reports, mug shots, internal memos, and personal information belonging to some suspects who had been placed…

SOCwise Weighs In When the infamous Carbanak cyberattack rattled an East European bank three years ago this month few would have guessed it would later play a starring role in the MITRE Engenuity™ enterprise evaluations of cybersecurity products from ourselves and 28 other vendors. We recently shared the results of this extensive testing and in a SOCwise discussion we turn to our SOCwise experts for insights into what this unprecedented exercise may mean for SOC…

Government and business both need to step up to combat ransomware attacks against critical systems before they spiral further out of control. The ransomware attack against Colonial Pipeline represents a relatively new and destructive type of threat against critical infrastructure. Beyond the financial and operational hit to the company itself, such an attack threatens to impact millions of people dependent on the safe and quick delivery of gas and oil. SEE: Ransomware: What IT pros need…

The number of complex domestic abuse cases in which perpetrators used digital technology to harass, stalk, and control their victims has risen sharply in the United Kingdom. According to the charity Refuge, which is the largest specialist provider of domestic abuse investigation services in England and Wales, the average number of complex tech abuse cases reported from April 2020 to May 2021 rose 97% compared with the three months before the outbreak of the pandemic. Tech abuse can take many…

The International Criminal Police Organization (INTERPOL) is launching a new five-year project to tackle digital piracy following a significant increase in the number of offenses.  According to INTERPOL, digital piracy has increased by more than 60 percent in some countries during the 12 months from April 2020 as millions of people have been confined due to the global health pandemic.  The new INTERPOL Stop Online Piracy (I-SOP) initiative will combat online piracy and crimes involving…

The UK government has published draft legislation designed to tackle a number of online harms, ranging from child sexual abuse to fraud. The Online Safety Bill, which formed part of yesterday’s Queen’s Speech during the state opening of Parliament, will place new obligations on social media sites and other services hosting user-generated content or allowing people to talk to others online to remove and limit the spread of illegal and harmful content. This includes child…