RSS_Virtulization

The British Security Industry Association’s (BSIA) video surveillance section has launched an ethical and legal use guide for Automated Facial Recognition (AFR). The guide, recommended by the Organization for Economic Co-operation and Development, outlines the considerations organizations should make regarding the responsible use of facial recognition technology, encompassing useful terms, abbreviations and ethical issues. The framework, designed to be accessible to both industry experts and the public, has a specific focus on the distinctive application…

Security experts explain why this approach is all about data and resilience, not deliberately sabotaging your own network. At a virtual summit on cybersecurity, Jamie Dicken, manager of applied security at Cardinal Health, said that security chaos engineering is similar to software testing. Image: Jamie Dicken Chaos engineering is a way for security teams to replace continuous firefighting with continuous learning, according to two industry experts. At the RSA 365 Virtual Summit this week, Aaron…

Security researchers believe that they’ve observed attacks in the wild exploiting a recently discovered SonicWall vulnerability. The technical Twitter account for global information assurance firm NCC Group posted yesterday referencing the original SonicWall advisory. “We’ve identified and demonstrated exploitability of a possible candidate for the vulnerability described and sent details to SonicWall – we’ve also seen indication of indiscriminate use of an exploit in the wild – check logs,” it urged. Followers of the account probed for…

We at The State of Security are committed to helping aspiring information security professionals to reach their full potential. Towards that end, we compiled a two–part list of the top 10 highest paying jobs in the industry. Back in 2017, we even highlighted the U.S. cities that rewarded security personnel with the best salaries, amenities and other benefits. Knowing what job title you’d like and where you’d like to live goes a long way towards…

Security researchers are warning of a resurgence of prolific Trojan malware Trickbot, which had its infrastructure disrupted by a Microsoft-led coalition late last year. Menlo Security said it had observed a new malicious spam campaign designed to trick North American users in the legal and insurance sectors into downloading the Trojan. Whereas weaponized email attachments were a common feature of previous Trickbot campaigns, this one encourages users to click on a phishing link, which redirects…

A multi-national outsourcing company that runs part of the UK’s COVID-19 Test and Trace system has been hit by ransomware, according to reports. British services business Serco, which employs 50,000 staff and manages hundreds of contracts worldwide, confirmed to Sky News that it had suffered an attack. However, the firm did not comment on the impact or whether it had paid the ransom demand. It did claim, however, that only its mainland European operations were…

Thursday marked a rare day where law enforcement agencies around the world hit back in the war against ransomware attackers. Europol announced a takedown of infrastructure used to run the Emotet botnet in a joint operation with law enforcement organizations from the U.S., U.K., Canada, the Netherlands, Germany, France, Lithuania, and Ukraine. According to a release, authorities seized an undisclosed number of servers, computers and other devices used by Emotet, which functions as both a…

In this post we take a look at a vRealize Operations (vROps) deployment for vSphere 7; building on the installation of vCenter 7.0 U1 and vSAN 7.0 U1. At the time of writing the latest available version of vROps is 8.2. vRealize Operations is an IT operations management tool for monitoring full-stack physical, virtual, and cloud infrastructure, along with virtual machine, container, operating system, and application level insights. vROps provides performance and capacity optimisation, monitoring…