RSS_Virtulization

  Today, the PCI SSC published a minor revision to the PCI PIN Security Requirements and Testing Procedures—also known as the PCI PIN Security Standard. Version 3.1 of the Standard includes clarifications and updates previously released via FAQs and bulletins and incorporates stakeholder feedback and comments received via a formal request for comment (RFC) period.

By Carter Schoenberg, Vice President of Cybersecurity at SoundWay Consulting. In the January issue of Cyber Defense Magazine, my first article provided an introduction to the Cybersecurity Maturity Model Certification (CMMC). My company has engaged with Government contractors since early January and I wanted to share some common issues that can be used as potential lessons learned as well as a lot has happened since this issue and I wanted to use this opportunity to…

Combining Breadth and Depth Brings Full Protection By Albert Zhichun Li, Chief Scientist, Stellar Cyber Almost since the beginning of network security, vendors and practitioners have wrestled with choices between going deep and going broad for their security solutions. Mostly, the choice varies between predominantly one or the other. Going deep typically means careful monitoring and analysis of certain types of threats or behaviors at the cost of not examining a much broader range of…

Netflix has introduced trial measures to try and prevent the practice of password sharing with multiple households, it has been reported by the BBC. In the trial, users can verify if they are eligible to access a particular account according to Netflix’s terms of service, via a code sent via text or email. In addition, a number of users have reported seeing a message come up on their screen stating: “If you don’t live with…

Enterprise identity security firm SailPoint has appointed Heather Gantt-Evans as its new CISO. Gantt-Evans joins SailPoint from retail giant The Home Depot, where she served as the company’s senior director of security operations and resilience. Prior to The Home Depot, Gantt-Evans held various strategic security roles at Ernst & Young and Booz Allen Hamilton, along with spending six years as an all-source threat intelligence analyst in the US Army. Commenting on her appointment, Gantt-Evans said:…

Threat intelligence experts are warning of a new version of the Darkside ransomware variant which its creators claim will feature faster encryption speeds, VoIP calling and virtual machine targeting. Israeli outfit Kela shared with Infosecurity information posted by the Russian-speaking group to dark web forums XSS and Exploit. They claim that the Windows version of Darkside 2.0 encrypts files faster than any other ransomware-as-a-service (RaaS) and is twice as speedy as the previous iteration. This…

Encrypted communications platform Sky ECC has denied Europol claims that police have managed to access messages sent by criminals using the service. On Wednesday, the law enforcement organization claimed that police had been able to monitor the encrypted chats of 70,000 Sky ECC users, many of them having migrated from the notorious EncroChat platform used by organized crime gangs. It said investigators in Belgium, France and the Netherlands now had access to hundreds of millions…