The city of Tulsa, Oklahoma, has been hit by a ransomware attack over the weekend that impacted its government’s network and shut down its websites. One of the biggest cities in the US  by population size, the City of Tulsa, was victim of a ransomware attack that affected its government’s network and forced the shutdown of official websites over the weekend. Shortly after the attack, that took place Friday night, the city issued a statement…

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Fileless Malware, Malspam, Phishing, Ransomware, Rootkits, Targeted Attacks and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. These charts summarize the IOCs attached to this agazine and provide a glimpse of the threats discussed….

You’ve learned the basics of customer identity and access management (CIAM). And you’ve listened as experts from Okta explained the CIAM Maturity Curve, which helps organizations determine where they fall on the spectrum. In this third episode of our 5-episode podcast, The C-level Strategic Guide for CIAM Investment, we will explore phase 2 on the CIAM Maturity Curve: Automated. Companies at phase 2 can face a range of new challenges, says Keith Casey, API Problem…

VMware vRealize Cloud Management Suite now supports Microsoft’s Azure VMware Solution  I am pleased to announce that customers can now take advantage of VMware vRealize Cloud Management with Azure VMware Solution. We have three vRealize solutions available as either on-premises software or cloud service that VMware has validated to support Microsoft’s Azure VMware Solution: (1) vRealize Automation and vRealize Automation Cloud, (2) vRealize Operations and vRealize Operations Cloud, and (3) vRealize Network Insight and vRealize Network Insight Cloud. VMware supports all these vRealize solutions.  Customers can use their existing on-premises vRealize software licenses and vRealize cloud SaaS subscriptions to extend their vRealize management practices to the Azure VMware Solution. Customers who do not have a specific vRealize product that they want to use with Azure VMware Solution can purchase it from VMware or…

Attackers are not only demanding ransom from organizations, but also threatening their customers, users and other third parties. Image: kaptnali/Getty Images/iStockphoto Cybercriminals who specialize in ransomware have already been using double extortion tactics in which they not only decrypt stolen data but also threaten to leak it publicly unless the ransom is paid. Now, some attackers have progressed to a triple extortion tactic with the intent of squeezing out even more money from their malicious…

Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server which can be run standalone or in conjunction with IIS (Internet Information Services) and is used to broker internet traffic via HTTP network requests. The vulnerability is very similar to CVE-2015-1635, another Microsoft vulnerability in the HTTP network stack reported in 2015. With a CVSS score of 9.8, the vulnerability announced has the potential to…