RSS_Virtulization

Craig Young, Principal Security Researcher at Tripwire, unpacks the modern security researcher’s toolkit to reverse engineer complex designs. Spotify: https://open.spotify.com/show/5UDKiGLlzxhiGnd6FtvEnmStitcher: https://www.stitcher.com/podcast/the-tripwire-cybersecurity-podcastRSS: https://tripwire.libsyn.com/rssYouTube: https://www.youtube.com/playlist?list=PLgTfY3TXF9YKE9pUKp57pGSTaapTLpvC3 Tim Erlin: Welcome everyone to the Tripwire Cybersecurity Podcast. I’m Tim Erlin, vice-president of product management and strategy at Tripwire. Today, I am joined by one of our security researchers, Craig Young. Craig Young: Thank you for having me. It’s a pleasure to be here with you. On the Basics of Reverse…

Getting incentives for the best security practices is a win-win for all healthcare-related entities. For one, you are getting incentives, and secondly, you are making sure that you have a rock-solid defense in terms of security.  Many organizations find that the rules and regulations that HIPAA entails are too extensive and overwhelming, however. What’s more, cybersecurity wasn’t a thing when HIPAA was introduced. Therefore, the law does not have any specific guidelines for cybersecurity.  The…

By Pedro Fortuna, CTO, Jscrambler Magecart has certainly garnered mainstream media attention over the last couple of years. Perhaps it’s the high profile nature of many of their targets (British Airways, Forbes, Equifax, Macy’s) to name but a few. Magecart is best described as a cybercrime syndicate that specialises in cyberattacks involving digital credit card theft, by skimming online payment forms. And they are not victimless crimes –  hundreds of thousands of customers typically have…

Norway parliament, the Storting, has suffered a new cyberattack, hackers stole data by exploiting recently disclosed Microsoft Exchange vulnerabilities. Norway ‘s parliament, the Storting, was hit by a new cyberattack, threat actors stole data exploiting the recently disclosed vulnerabilities in Microsoft Exchange, collectively tracked as ProxyLogon. On March 2nd, Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in…

There are many types of Ops in today’s world of Cloud, from DevOps to GitOps, SecOps to DevSecOps, the list goes on, but AIOps is here to truly enable business innovation. Please check out this video where I explain the background of AIOps, what problems it can help solve and the opportunities for the future. As usual, if you would prefer to read the content, I’ve placed the transcript below. Enjoy! I’d like to follow…

A multi-state settlement has been reached over a 2019 data breach that may have exposed the personal information of up to 25 million Americans.  The breach took place from August 1, 2018, through March 30, 2019, when an unauthorized user gained access to the internal computer system of the American Medical Collection Agency (AMCA) by hacking into a web payment portal. Once inside the system, the user was able to access a variety of sensitive data that included Social Security…

A Utah company has exposed the sensitive information of more than 50,000 customers by storing data on an unsecured server. The breach at Premier Diagnostics was discovered on February 22 by cybersecurity expert Bob Diachenko at consumer privacy watchdog Comparitech. Sensitive customer data stored in a publicly accessible database included scans of passports, health insurance ID cards, and driver’s licenses.  Researchers found that the data of around 52,000 customers may have been impacted in the security incident. Based on the…