RSS_Virtulization

Several leading health systems got together recently to announce the formation of Truveta, an independent company that will pool patient medical records from the participating health systems and analyze them for insights to drive healthcare outcomes. The announcement highlighted the benefits of sharing de-identified data for driving research, new therapies, and improved health outcomes. In an initiative launched last year, UC San Francisco (UCSF) has created a data platform titled the UCSF Health Atlas that…

Shortcuts aren’t always the fastest or safest route from Point A to Point B. Providing faster “direct to cloud” access for your users to critical applications and cloud services can certainly improve productivity and reduce costs, but cutting corners on security can come with huge consequences. The Secure Access Service Edge (SASE) framework shows how to achieve digital transformation without compromising security, but organizations still face a number of difficult choices in how they go…

A lack of confidence in companies’ defenses is prompting 91% of organizations to boost 2021 budgets, according to a new IDG/Insight Enterprises study. Image: iStock/LeoWolfert Nearly 80% of senior IT and IT security leaders believe their organizations lack sufficient protection against cyberattacks despite increased IT security investments made in 2020 to deal with distributed IT and work-from-home challenges, according to a new IDG survey commissioned by Insight Enterprises. That high level of concern over the…

By Garret Grajek, CEO, YouAttest During the first half of 2020 alone, over 36 billion records were exposed through various data breaches, with the FBI reporting an increase of 300% in reports since the onset of the COVID-19 pandemic. With threats, both internal and external, facing organizations at an all-time high, cybersecurity should be a critical focus for 2021, especially as remote working is a trend that will continue far into the future. Hackers look…

Elite cybercrime forum Maza aka MFclub has been taken over by hackers, according to new research by risk intelligence company Flashpoint. The Russian-language forum, which was originally known as Mazafaka, has served thousands of cyber-criminals since its launch in 2003.  “Little is known at this time about the attackers who successfully compromised Maza,” wrote Flashpoint researchers. But thanks to the data allegedly leaked in the attack, quite a lot has come to light about the site’s users. …

The United States Justice Department has warned that cyber-criminals are impersonating state workforce agencies (SWAs) to steal Americans’ personal data. In a press release issued March 5, the department said it had received reports that bad actors are creating fake websites that mimic sites genuinely belonging to SWAs.  “The fake websites are designed to trick consumers into thinking they are applying for unemployment benefits and disclosing personally identifiable information and other sensitive data,” said the department.  “That…

An American mortgage lender has shelled out $1.5m to resolve allegations that it violated the New York Department of Financial Services (NYDFS) Cybersecurity Regulation.  Residential Mortgage Services, Inc. (RMS), which is headquartered in South Portland, Maine, was accused of failing to report a data breach that occurred in 2019.  The breach was uncovered during an investigation of RMS carried out in July 2020 by the NYDFS. The department found evidence that “a substantial amount of sensitive personal data” had…

President Trump’s cybersecurity order made the National Institute of Standards and Technology’s framework federal policy. Here’s what you need to know about the NIST’s Cybersecurity Framework. The tech world has a problem: security fragmentation. There’s no standard set of rules–or even language–used to address the growing threats of hackers, ransomware, and stolen data, and the threat only continues to grow. President Obama recognized the threat in 2013, which led to his cybersecurity executive order that…

Security researchers are warning of a resurgent campaign to hijack developer resources for cryptocurrency mining. A team from Aqua Security explained that over the period of just four days, attackers set up 92 malicious Docker Hub registries and 92 Bitbucket repositories to abuse these resources. “The adversaries create a continuous integration process that every hour initiates multiple auto-build processes, and on each build, a Monero cryptominer is executed,” said Aqua Security’s lead data analyst, Assaf…

Cyber-criminals are actively sharing tips and advice on how to bypass the 3D Secure (3DS) protocol to commit payment fraud, according to researchers. A team at threat intelligence firm Gemini Advisory found the discussions on multiple dark web forums, claiming that phishing and social engineering tactics stood a good chance of success in certain situations. Although version two of the protocol, designed for smartphone users, allows individuals to authenticate payments with hard-to-spoof or steal biometric…