RSS_Virtulization

Asset management is a tricky subject. In many cases, organizations have no idea about how many assets they have, let alone where they are all located.  Fortunately, there are tools that can assist with reaching your asset management goals. While Tripwire Enterprise (TE) is great for detecting unauthorized changes on your system and also for ensuring your systems are hardened (as well as stay hardened), you must first get a handle on managing the assets that you’re…

A new report published by Microsoft revealed that 80% of global enterprises were victims of a firmware-focused cyberattack. Microsoft recently published a report that states, titled “March 2021 Security Signals report,” that revealed that more than 80% of enterprises were victims of at least one firmware attack in the past two years. The study pointed out that only 29% of the targeted organizations have allocated budgets to protect firmware. A vast majority of companies in a global…

Cyber-criminals behind a cyber-attack on a Florida school district are demanding a ransom payment of $40m in cryptocurrency.  The computer system of Broward County Public Schools was compromised at the beginning of March by data-locking ransomware in a Conti gang operation. The attack caused a system shutdown but left classes undisturbed.  Broward is the sixth-largest school district in the United States with 271,000 students and an annual budget of around $4bn.  The district, which is based in Fort…

European drone manufacturer Parrot has partnered with crowdsourced security platform YesWeHack to launch a Bug Bounty program. By setting up the two-phase program, Parrot hopes that potential vulnerabilities in its drones, mobile applications, and web services will be identified by YesWeHack’s community of more than 22,000 cybersecurity researchers. “After the integration of cybersecurity from the initial design phase of Parrot drones, the Bug Bounty launched with YesWeHack completes the audits and brings an additional step of control,” said Victor Vuillard,…

Executive Summary  Cuba ransomware is an older ransomware, that has recently undergone some development. The actors have incorporated the leaking of victim data to increase its impact and revenue, much like we have seen recently with other major ransomware campaigns.  In our analysis, we observed that the attackers had access to the network before the infection and were able to collect specific information in order to orchestrate the attack and have the greatest impact. The attackers operate using a set of PowerShell scripts that…

Cuba Ransomware Overview Over the past year, we have seen ransomware attackers change the way they have responded to organizations that have either chosen to not pay the ransom or have recovered their data via some other means. At the end of the day, fighting ransomware has resulted in the bad actors’ loss of revenue. Being the creative bunch they are, they have resorted to data dissemination if the ransom is not paid. This means…

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT10, Charming Kitten, China, Cycldek, Hancitor, Malspam, North Korea, Phishing, TA453, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the…

AWS has its Well Architected Framework and Azure and Google have their equivalents.  These are great resources for individuals looking to leverage any of these clouds as a stand-alone resource.  But until recently, if you were looking for guidance that helps bridge the gap between public clouds or heaven help you, between the data center and multiple public clouds; you were pretty much out of luck.  Fortunately, that situation is changing, and VMware is at…

IDs, names, email addresses and more personal details are part of the massive database of stolen data, which could be used to launch additional attacks on LinkedIn and its users. Image: iStockphoto/Suebsiri A massive trove of LinkedIn account data has been found for sale online, containing 500 million user records including email addresses, phone numbers, links to other social media profiles and professional details. Reported by CyberNews researchers, the leak was posted to a forum…

More than half of the cyberattacks reported to Keeper Security involved stolen credentials. Image: Getty Images/iStockphoto Cybercriminals use a few key tactics to try to breach an organization’s internal network. One always popular method is to obtain the account credentials of employees. And that endeavor is made easier when employees fail to practice good password hygiene. A report published Tuesday by security provider Keeper Security looks at the pitfalls of mismanaged passwords and offers tips…