cybersecurity

Google Cloud's Nick Godfrey Talks Security, Budget and AI for CISOs

Posted on February 12, 2024February 12, 2024 by Admin

Image: Adobe/Sundry Photography As senior director and global head of the office of the chief information security officer (CISO) at Google Cloud, Nick Godfrey oversees educating employees on cybersecurity as well as handling threat detection and mitigation. We conducted an interview with Godfrey via video call about how CISOs and other tech-focused business leaders can allocate their finite resources, getting buy-in on security from other stakeholders, and the new challenges and opportunities introduced by generative…

Botnet Struck U.S. Routers; Here’s How to Keep Employees Safe

Posted on February 2, 2024February 3, 2024 by Admin

State-sponsored hackers affiliated with China have targeted small office/home office routers in the U.S. in a wide-ranging botnet attack, Federal Bureau of Investigation Director Christopher Wray announced on Wednesday, Jan. 31. Most of the affected routers were manufactured by Cisco and NetGear and had reached end-of-life status. Department of Justice investigators said on Jan. 31, 2024, that the malware has been deleted from affected routers. The investigators also cut the routers off from other devices…

Ransomware's Impact May Include Heart Attacks, Strokes & PTSD

Posted on January 29, 2024January 30, 2024 by Admin

Ransomware incidents cause significant harm at many levels, including to physical and mental health; new research from U.K. security think tank Royal United Services Institute has classified this impact into three categories (Figure A): First-order harms: The harms to organizations and their staff. Examples include data loss, reputational harm and heart attacks. Second-order harms: The indirect harms to organizations and individuals. Examples include clients and customers in supply chains might be targeted, and patients’ cancer…

More Australian IT Leaders Could Be Looking to Replace Passwords With Passkeys in 2024

Posted on January 25, 2024January 25, 2024 by Admin

The Australian government announced in 2023 that it would phase out the use of passwords to access key government digital service platform myGov. In the first half of 2024, Australians may be asked to adopt passkeys, which use individual biometric data to authenticate users. The myGov passkey push across the Australian population will pave the way for IT leaders to adopt this more secure form of authentication in the private sector as public awareness and…

Cyber League: UK's NCSC Calls on Industry Experts to Join its Fight Against Cyber Threats

Posted on January 24, 2024January 25, 2024 by Admin

The United Kingdom’s National Cyber Security Centre is inviting members of the cybersecurity community to join its new Cyber League, which is a collective of industry experts that will work alongside the government agency to tackle security threats facing the U.K. Announced by the NCSC on Jan. 17, the Cyber League will support existing NCSC initiatives that bring together experts from the public and private sectors. This is with the aim of improving knowledge sharing…

UK Study: Generative AI May Increase Ransomware Threat

Posted on January 24, 2024January 25, 2024 by Admin

The U.K.’s National Cyber Security Centre has released a new study that finds generative AI may increase risks from cyber threats such as ransomware. Overall, the report found that generative AI will provide “capability uplift” to existing threats as opposed to being a source of brand new threats. Threat actors will need to be sophisticated enough to gain access to “quality training data, significant expertise (in both AI and cyber), and resources” before they can…

Australian Organisations Face Tensions Between Personalisation, Privacy

Posted on January 24, 2024January 24, 2024 by Admin

Organisations in Australia face a significant challenge with data. On the one hand, there is a demand for personalised services. Consumers are willing to share their data if it means better personalisation. On the other hand, there is a real concern about privacy, and while organisations are focused on looking for ways to prevent data breaches, efforts to do better to protect customer privacy are more haphazard. Why organisations want data to deliver personalisation Personalisation…

Microsoft Says State-Sponsored Attackers Accessed Senior Leaders' Emails

Posted on January 23, 2024January 23, 2024 by Admin

Microsoft disclosed on Jan. 19 that a nation-state backed attack occurred beginning in November 2023 in which the Russian state-sponsored threat actor group Midnight Blizzard accessed some Microsoft corporate emails and documents through compromised email accounts. The attackers gained access in November 2023 using a legacy test tenant account. From there, they could use that account’s permissions to access a small number of Microsoft corporate email accounts – some of those accounts were for senior…

Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More

Posted on January 18, 2024January 19, 2024 by Admin

The Federal Bureau of Investigation and Cybersecurity & Infrastructure Security Agency warned in a joint advisory about a threat actor deploying a botnet that makes use of the Androxgh0st malware. This malware is capable of collecting cloud credentials, such as those from AWS or Microsoft Azure and more, abusing the Simple Mail Transfer Protocol, and scanning for Amazon Simple Email Service parameters. What is the Androxgh0st malware? The Androxgh0st malware was exposed in December 2022…

Ivanti Secure VPN Zero-Day Vulnerabilities Allow Chinese Threat Actor to Compromise Systems

Posted on January 13, 2024January 13, 2024 by Admin

Two zero-day vulnerabilities have been discovered in Ivanti Secure VPN, a popular VPN solution used by organizations worldwide. The vulnerabilities are currently being exploited in the wild by at least one Chinese nation-state threat actor dubbed UTA0178. The chaining of the two vulnerabilities allow any attacker to execute remote code without any authentication and compromise affected systems. What are the Ivanti Secure VPN zero-day vulnerabilities? Ivanti published an official security advisory and knowledge base article…

« 1 … 18 19 20 21 22 … 29 »

Google Cloud's Nick Godfrey Talks Security, Budget and AI for CISOs

Botnet Struck U.S. Routers; Here’s How to Keep Employees Safe

Ransomware's Impact May Include Heart Attacks, Strokes & PTSD

More Australian IT Leaders Could Be Looking to Replace Passwords With Passkeys in 2024

Cyber League: UK's NCSC Calls on Industry Experts to Join its Fight Against Cyber Threats

Australian Organisations Face Tensions Between Personalisation, Privacy

Microsoft Says State-Sponsored Attackers Accessed Senior Leaders' Emails

Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More

Ivanti Secure VPN Zero-Day Vulnerabilities Allow Chinese Threat Actor to Compromise Systems

VMWARE

Helping Public Sector Organisations Define Cloud Strategy

How to change the VLAN ID of the Service Console in ESX from the command line/console

Cisco UCS and Vmware Interfaces (Vnics) HA Design Considerations

Troubleshooting network and TCP/UDP port connectivity issues on ESX/ESXi(2020669)

vSphere Client Parameters

Configuration Templates

CUE Licenses

Trouble shooting Unity Express with Call Manager Integeration & Operational Issues

CME Configuration Example: SIP Trunks to Viatalk and VoIP.ms

SIP Phone registration – CME Configuration

CUE Voicemail + VPIM networking (CUE to unity)