Security News

Product showcase: The Cynomi Virtual CISO (vCISO) platform
2022-07-26 03:30

Since most companies this size don't have in-house CISO expertise - the demand for virtual CISO services is also growing. Cynomi enables managed service providers and consulting firms to provide ongoing vCISO services at scale by automating much of the manual, expert and time-consuming vCISO work, empowering their existing teams.

Cynomi Automated Virtual CISO (vCISO) Platform for Service Providers
2022-07-21 08:23

The company's AI-powered vCISO platform automatically generates everything vCISO service providers need to provide their clients, fully customized for each and every client: risk and compliance assessments, gap analysis, tailored security policies, strategic remediation plans with prioritized tasks, tools for ongoing task management, progress tracking and customer-facing reports. Cynomi enables managed service providers and consulting firms to provide ongoing vCISO services at scale by automating much of the manual, expert and time-consuming vCISO work, empowering their existing teams.

What NATO’s virtual rapid response cyber capability means for the fight against cyber warfare
2022-07-19 04:00

At the recent meeting of the North Atlantic Council in Madrid, NATO heads of state agreed to boost resilience to cyber and hybrid threats. NATO members will strengthen their cyber defenses through enhanced civil-military cooperation, and expand industry partnerships.

Why small businesses may want to pursue virtual CISO
2022-05-31 17:45

Why small businesses may want to pursue virtual CISO. While a Chief Information Security Officer can be invaluable to a company with regards to safety and cybersecurity, some smaller enterprises may want to look into a Virtual CISO to assist with cutting down on expenses. A virtual CISO is that of an independent or contracted employee, who fills the role of a CISO but is not employed full time.

Android and Chrome Users Can Soon Generate Virtual Credit Cards to Protect Real Ones
2022-05-16 19:52

Google on Wednesday took to its annual developer conference to announce a host of privacy and security updates, including support for virtual credit cards on Android and Chrome. "When you use autofill to enter your payment details at checkout, virtual cards will add an additional layer of security by replacing your actual card number with a distinct, virtual number," Google's Jen Fitzpatrick said in a statement.

How to install the NordLayer VPN client on Linux and connect it to a virtual network
2022-05-04 19:55

How to install the NordLayer VPN client on Linux and connect it to a virtual network We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. NordLayer VPN is a VPN-based network security solution that can serve just about any sized business and allows admins to manage connections from a remote, web-based dashboard.

Experts Detail Virtual Machine Used by Wslink Malware Loader for Obfuscation
2022-03-29 05:15

Cybersecurity researchers have shed more light on a malicious loader that runs as a server and executes received modules in memory, laying bare the structure of an "Advanced multi-layered virtual machine" used by the malware to fly under the radar. Packed with a file compression utility named NsPack, Wslink makes use of what's called a process virtual machine, a mechanism to run an application in a platform-independent manner that abstracts the underlying hardware or operating system, as an obfuscation method but with a crucial difference.

How hackers could use popular virtual reality headsets to steal sensitive information
2022-02-18 04:30

Researchers at Rutgers University-New Brunswick have published "Face-Mic," the first work examining how voice command features on virtual reality headsets could lead to major privacy leakages, known as eavesdropping attacks. The research shows that hackers could use popular virtual reality headsets with built in motion sensors to record subtle, speech-associated facial dynamics to steal sensitive information communicated via voice-command, including credit card data and passwords.

VMWare fixes holes that could allow virtual machine escapes
2022-02-16 19:32

Acting now will almost certainly jump you ahead of the many inquisitive cybercriminals out there, given that none of the bugs patched in this update seem to be zero-day security holes. Both CVE-2022-22040 and CVE-2022-22021 are annotated with the comment that "a malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host."

FBI warns of BEC attackers impersonating CEOs in virtual meetings
2022-02-16 18:09

The Federal Bureau of Investigation warned today that US organizations and individuals are being increasingly targeted in BEC attacks on virtual meeting platforms. In a Public Service Announcement issued today, the FBI said it noticed scammers switching to virtual meeting platforms matching the overall trend of businesses moving to remote work during the pandemic.