Subscribe to Email Updates

Subscribe

All about Virtualization and Cloud Security | Recent Articles:

DoS Attacks in the Age of Remote Work  - Why Modern ISPs can’t Look Over Internet of Things Security

Apr 02 by Silviu Stahie

In September 2016, the United States internet infrastructure took a heavy blow that left many of the Fortune 500 businesses in digital darkness. The attack, initially pinned on a hostile nation-state, was in fact the work of teenagers wielding a botnet of about 100,000 IoT devices.    

Read More

Hypervisor Introspection blocks EternalDarkness/SMBGhost Privilege Escalation Exploit (CVE-2020-0796)

Apr 02 by Andrei Florescu
  • EternalDarkness or SMBGhost is the latest vulnerability affecting the Microsoft SMB protocol which was first reported in March 2020
  • This is high-severity threat because SMB vulnerabilities very-often are quickly adopted by “wormified” malicious attacks. As-of publishing of this post, PoCs exist for DoS and local privilege escalation
  • Bitdefender Hypervisor Introspection stops the local privilege escalation 0-day attack without any additional configurations or updates. See the Demo below.
Read More

Gartner: Coronavirus Exposes Outdated Risk Management Practices

Apr 02 by George V. Hulme

Enterprise governance, risk, and compliance programs are designed, in important part, to ensure that companies stay on track and manage risk and uncertainty. Many organizations, due to the COVID-19 pandemic, are now finding whether their risk management and cybersecurity plans will work as intended.

Read More

New Windows Zero-Day Exploited in the Wild, no Patch in Sight

Last Monday, Microsoft published a security advisory detailing a new font-parsing remote code-execution vulnerability targeting Windows 7 devices.

Read More

Small DDoS Attacks Are Increasing; VPNs Could Fall Victim Next During Epidemic

Apr 01 by Silviu Stahie

While the COVID-19 is confining workers to home and keeping offices empty, cybercriminals and other bad actors have no compulsion in continuing their DDoS attacks. The only difference appears to be in the scale of attacks, which are slowly moving from large to small targets. On top of that, an increase in attacks aimed at VPN providers is expected.

Read More

Blockchain as an IoT Security Mechanism

Mar 31 by Bob Violino

Building more robust security for the growing Internet of Things (IoT) has been a focal point for many over the past few years. Might blockchain, the distributed ledger technology for overseeing transactions across a network over time, be an ideal solution?


Read More

Forewarned is Forearmed: Boost Your Cyber Defenses with Threat Hunting

Mar 27 by Angel Icusca

Intrusion detection, incident response, and digital forensics - these are all essential stages of managing a cyberattack. While different in nature, they all share one thing: they come after an attack has breached your systems.

Read More

Legal Sector Has a Big Problem with Intentional Data Breaches

Mar 27 by Silviu Stahie

The legal sector is a prime target for cybercriminals, and the vast majority of IT leaders in the industry consider insider threats a significant concern. 77% think employees are directly responsible for exposing valuable data by mistake.

Read More

4 Million Passwords Tied to Fortune 1000 Companies Are Available on the Dark Web, Research Shows

Mar 26 by Filip Truta

A snapshot of the breach exposure of major enterprises has revealed 23 million pairs of credentials containing Fortune 1000 corporate email addresses and plaintext passwords.

Read More

Are You Ready for Managed Detection and Response?

Mar 25 by Michael Rosen
  • Security’s challenge is matching awareness of external threats to internal goals and the ability to execute
  • Managed Detection and Response addresses key customer gaps in visibility, alerts, skills, and outcomes
  • Outsourcing security operations to a managed SOC allows internal teams to focus on higher-value projects
Read More

Tips for Safe Videoconferencing from Home

Mar 25 by Silviu Stahie

Companies have been using videoconferencing applications for a long time, so the adjustment needed to do it from home is not major. Still, many employees have been thrown into the deep end and suddenly need to master the art of videoconferencing safely.

Read More

As CIOs See Expanding Roles in Customer Experience, Security Must Keep Pace

Mar 23 by George V. Hulme

Let’s face it: CIOs are quite busy as they drive forward with their digital transformation efforts, build their DevOps teams, and continue their work to ensure that their business-technology systems are aligned with business needs — and somewhere within all of that work they have to find a way to keep these systems secure.  

Read More

Cloud Security




Subscribe to Blog Updates

Latest Tweets