RSS_Virtulization

Remote access is becoming an organization’s weakest attack surface, according to new research published today by the Ponemon Institute and third-party remote access provider SecureLink. The new report, titled “A Crisis in Third-party Remote Access Security,” reveals a disparity between an organization’s perceived third-party access security threat and the protective measures it puts in place.  Researchers found that organizations are exposing their networks to non-compliance and security risks by not taking action to reduce third-party access risk.  Nearly half (44%) of…

Facebook says it wants to make E2EE the default across all of its messaging platforms, but this will be a gradual process. Facebook Messenger won’t be encryption until at least next year. Image: James Martin/CNET Facebook has pledged to make end-to-end encryption (E2EE) the default across all of its messaging services – though has told users not to expect it on Facebook Messenger or Instagram Direct until 2022 “at the earliest”. Gail Kent, Facebook’s policy…

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Data Theft, Backdoor, Ransomware, Targeted Ransomware Attacks and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber…

Google’s Android operating system has been a boon for the average consumer. No other operating system has given so much freedom to developers and hardware manufacturers to make quality devices at reasonable prices. The number of Android phones in the world is astounding. That success comes with a price, however. A recent report from our own McAfee Mobile Research team has found malicious apps with hundreds of thousands of downloads in the Google Play store. This round of apps poses…

Google’s Android operating system has been a boon for the average consumer. No other operating system has given so much freedom to developers and hardware manufacturers to make quality devices at reasonable prices. The number of Android phones in the world is astounding. That success comes with a price, however. A recent report from our own McAfee Mobile Research team has found malicious apps with hundreds of thousands of downloads in the Google Play store. This round of apps poses…

The UK Cyber Security Association has officially launched and is open for membership, it has been announced. The body is designed to provide a community for anyone working in, or who has an interest in, the sector, helping promote best practices and information sharing both in the UK and internationally. It also aims to work alongside government, trade bodies, and cybersecurity groups to share information and initiatives. Membership has now opened for individuals and organizations…

SANTA CLARA, Calif., May 4, 2021 /PRNewswire/ — Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, announced today that it will release the financial results for its fiscal third quarter 2021, ended April 30, 2021, after U.S. markets close on Thursday, May 20, 2021. Palo Alto Networks will host a video webcast that day at 2 p.m. Pacific time (5 p.m. Eastern time) to discuss the results. The live video webcast will be accessible…

A leading Californian healthcare provider has been hit by a cyber-attack forcing the postponement of some patient appointments and a reversion back to offline processes. Non-profit Scripps Health posted several updates to Twitter over the weekend, claiming that an incident detected on Saturday forced it to suspend access to some applications, including MyScripps and scripps.org. “While our information technology applications are offline, patient care continues to be delivered safely and effectively at our facilities, utilizing…

Microsoft Research’s Project Freta aims to find invisible malware running on the cloud. Human beings are lazy and frugal. As soon as we can stop using a person to do something simple, we do. People are much better suited to doing expensive, complex things. And so, more than 200 years after the beginning of the industrial revolution, we still carry on automating the workplace.  The latest incarnation is the public cloud, which runs at a…

Pulse Secure has patched a critical zero-day vulnerability that was being exploited by multiple APT groups to target US defense companies, among other entities. The security update fixes CVE-2021-22893, a critical authentication bypass vulnerability in the Pulse Connect Secure VPN product which has a CVSS score of 10.0. It was being exploited in combination with bugs from 2019 and 2020, patched by the vendor but not applied by some organizations, to bypass multi-factor authentication on the…