RSS_Virtulization

CrowdStrike has announced a $400 million deal to acquire British log management firm Humio in a bid to bolster its extended detection and response (XDR) capabilities. The endpoint security and threat intelligence giant claimed it was “blown away” by the London-based firm’s high-performance cloud log management and observability technology. Its proven ability to deliver at scale makes it the perfect fit for the CrowdStrike Security Cloud, it added. “By leveraging new ingest pipelines and cloud…

Over 100 private sector firms were breached in the SolarWinds attack, the White House has revealed. Anne Neuberger, deputy national security advisor for cyber and emerging technology, told the press yesterday that many of those affected were technology companies, “whose products could be used to launch additional intrusions.” That’s certainly what appears to have happened with the targeting of firms like FireEye, Microsoft, Malwarebytes, Mimecast and Palo Alto Networks — although not all of these…

One of the world’s five internet registries yesterday warned users that it suffered a failed credential stuffing attack. RIPE NCC is the regional internet registry (RIR) for Europe, West Asia and the former Soviet Union. It claimed in an update yesterday that its single sign-on (SSO) service was affected by an attempt to crack open accounts, causing some downtime. “We mitigated the attack, and we are now taking steps to ensure that our services are…

Investment firm Capital Group has appointed Marta Zarraga as its new global chief information officer. In the role, Zarraga will be responsible for overseeing the organization’s technology and cybersecurity. She joins the company with 25 years of experience in the information security industry, including as global chief information officer at Aviva and chief information officer at Vodafone and British Telecom. Capital Group explained that Zarraga was selected for her strong technical qualifications, holding a Master’s…

On February 17th, 2021, McAfee disclosed findings based on a 10-month long disclosure process with major video conferencing vendor Agora, Inc.  As we disclosed the findings to Agora in April 2020, this lengthy disclosure timeline represents a nonstandard process for McAfee but was a joint agreement with the vendor to allow sufficient time for the development and release of a secure SDK. The release of the SDK mitigating the vulnerability took place on December 17th,…

Well, let’s start with the basics. What is MSSP? It is short for Managed Security Service Provider. As the name suggests MSSPs are providers of different managerial security services. Examples of some managerial services are managing firewalls, detecting intrusion, keeping an eye out for new threats 7x24x365, anti-virus services, patch management, identity management, regulatory compliance gap analysis, anti-phishing training, solving cyber emergency problems like ransomware, security assessments, and much more.  From SMBs to large organizations,…

By Nick Psaki, Principal Engineer, Office of the CTO, Pure Storage The threat of ransomware is not new – but we are seeing a renewed focus since the onset of COVID-19. With the majority of the Federal workforce remote, the landscape is changing rapidly and threats are evolving. The Cybersecurity and Infrastructure Security Agency (CISA) – along with other agencies – has released several alerts since the beginning of the pandemic, citing new and emerging…