Security News

Guide: How virtual CISOs can efficiently extend their services into compliance readiness
2023-01-10 03:45

Compliance services are emerging as one of the hottest areas of cybersecurity. As large businesses adopt cybersecurity and compliance frameworks and agree to certain standards, they impose similar demands on their suppliers.

Download eBook: Top virtual CISOs share 7 tips for vCISO service providers
2022-10-24 17:34

Virtual Chief Information Security Officer services are growing in popularity, especially as growing cyber threats, tightening regulatory demands and strict cyber insurance requirements are driving small to medium-sized enterprises demand for strategic cybersecurity and compliance guidance and management. vCISO services are labor intensive, require highly skilled experts, and are difficult to scale.

Critical Flaw Reported in Move Virtual Machine Powering the Aptos Blockchain Network
2022-10-22 05:42

Researchers have disclosed details about a now-patched critical flaw in the Move virtual machine that powers the Aptos blockchain network. The vulnerability "Can cause Aptos nodes to crash and cause denial of service," Singapore-based Numen Cyber Labs said in a technical write-up published earlier this month.

Attackers use novel technique, malware to compromise hypervisors and virtual machines
2022-09-30 13:13

Unknown attackers wielding novel specialized malware have managed to compromise VMware ESXi hypervisors and guest Linux and Windows virtual machines, Mandiant threat analysts have discovered. VirtualGATE is a utility program that incorporates a memory-only dropper and a payload that can run commands from a hypervisor host on a guest virtual machine, or between guest virtual machines on the same hypervisor host.

New malware backdoors VMware ESXi servers to hijack virtual machines
2022-09-29 13:00

Hackers have found a new method to establish persistence on VMware ESXi hypervisors to control vCenter servers and virtual machines for Windows and Linux while avoiding detection.A modified level of trust is not enough for the ESXi system to accept it by default but the attacker also used the '-force' flag to install the malicious VIBs.

Microsoft announces passwordless auth, SSO for Azure Virtual Desktop
2022-09-27 13:01

Microsoft has announced this week that Azure Virtual Desktop support for passwordless authentication has now entered public preview. "Today we're announcing the public preview for enabling an Azure AD-based single sign-on experience and support for passwordless authentication, using Windows Hello and security devices," said David Bélanger, a Senior Program Manager for Azure Virtual Desktop at Microsoft.

Deliver Secure Digital Workspaces with Citrix Virtual Apps and Desktops on Microsoft Azure
2022-09-16 00:00

Remote work trends are here to stay while fewer employees than ever before are working full-time in traditional offices. IT needs to foster employee engagement and collaboration, while enabling dispersed teams, decentralized workplaces, and off-premises IT infrastructure.

U.S. Sanctions Virtual Currency Mixer Tornado Cash for Alleged Use in Laundering
2022-08-11 03:57

The U.S. Treasury Department on Monday placed sanctions against crypto mixing service Tornado Cash, citing its use by the North Korea-backed Lazarus Group in the high-profile hacks of Ethereum bridges to launder and cash out the ill-gotten money. "Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks," Brian E. Nelson, under secretary of the Treasury for terrorism and financial intelligence, said.

Virtual Currency Platform ‘Tornado Cash’ Accused of Aiding APTs
2022-08-09 17:58

The U.S. government has slapped sanctions on virtual currency mixer Tornado Cash for laundering more than $7 billion in crypto cash derived from cybercriminal activity. The U.S. Department of the Treasury's Office of Foreign Assets Control unveiled the action-which basically freezes all of the assets and business of Tornado Cash and prohibits anyone from doing business with the service-on Monday, citing a number of occasions that the service laundered crypto for hackers.

Consumers benefit from virtual experiences but are concerned about tech fatigue and security
2022-08-03 09:30

A new report from Deloitte finds that the plethora of devices-and the work involved in managing them-is resulting in ongoing issues of tech fatigue and screen overload. Twenty-four percent of consumers said they're overwhelmed by the devices and subscriptions they need to manage, down from 32% last year. More than half of those surveyed are worried about the security vulnerability of their smartphones and smart home devices; 40% of users are concerned about data security on their smartwatches and fitness trackers.