April 8, 2024
Via: CSO OnlineThe US federal arm tasked with environmental protection matters, the Environmental Protection Agency (EPA), is allegedly experiencing a data breach affecting over 8.5 million users. The breach, which has reportedly exposed personal and sensitive information belonging to EPA’s customers and […]
April 4, 2024
Via: CSO OnlineCompanies that collect data on citizens in European Union (EU) countries need to comply with strict rules around protecting customer data. The General Data Protection Regulation (GDPR) sets a standard for consumer rights regarding their data, but companies will be […]
April 3, 2024
Via: CSO OnlineThe US Department of Homeland Security (DHS) has issued a critical assessment of Microsoft’s security protocols in the wake of the summer 2023 Exchange Online breach, concluding that security failures within Microsoft created the conditions that allowed Chinese state-backed hacking […]
April 3, 2024
Via: ArsTechnicaJackson County, Missouri, has declared a state of emergency and closed key offices indefinitely as it responds to what officials believe is a ransomware attack that has made some of its IT systems inoperable. “Jackson County has identified significant disruptions […]
April 2, 2024
Via: Government ExecutiveThe Pentagon is working on a shared virtual cloud-based workspace for contractors as a way to boost their cybersecurity and part of a larger strategic effort to make defense companies more secure. “There are some things that we’re working on […]
March 28, 2024
Via: CIOCyberattacks on utilities more than doubled from 2020 to 2022. It’s likely the case that the rapid growth of connected assets is outstripping security capabilities. One analyst firm predicts that by 2026, industrial organizations will have more than 15 billion […]
March 26, 2024
Via: CSO OnlineResearchers warn that a cyberespionage group linked to Russia’s foreign intelligence service, the SVR, has recently launched a spear-phishing campaign targeting one of Germany’s major political parties. This is a departure from the group’s typical targeting of government agencies and […]
March 21, 2024
Via: CSO OnlineHundreds of US employees have been targeted in a new email attack that uses accounting lures to distribute malicious documents that deploy a malicious remote access tool known as NetSupport RAT. The attackers use a combination of detection evasion techniques […]
March 20, 2024
Via: ArsTechnicaThe Biden administration on Tuesday warned the nation’s governors that drinking water and wastewater utilities in their states are facing “disabling cyberattacks” by hostile foreign nations that are targeting mission-critical plant operations. “Disabling cyberattacks are striking water and wastewater systems […]
March 14, 2024
Via: Dark ReadingAlabama has been grappling with network disruptions, following cyber incidents targeting both state and city governments, and days later, they still appear to be struggling to recover. Alabama’s governor, Kay Ivey, confirmed that a cyberattack on state systems began March […]
Cybersecurity, IT Policy, Tech
March 14, 2024
Via: Dark ReadingThe Federal Communications Commission (FCC) will be rolling out a voluntary cybersecurity labeling program for Internet of Things (IoT) products for consumers At its public meeting today, the Commission unanimously voted to approve the program, which will allow IoT manufacturers […]
February 19, 2024
Via: CSO OnlineA Russian advanced persistent threat (APT) actor has been using the cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers to target critical government infrastructures in Europe, according to a research by Recorded Future. The threat group, known as Winter Vivern, […]
Cybersecurity, IT Policy, Tech
January 31, 2024
Via: NextgovThe White House on Wednesday affirmed its commitment to a Securities and Exchange Commission rule that would require publicly traded firms to disclose cybersecurity incidents, declaring that President Joe Biden will veto any legislative efforts to shutter the agency regulation. […]
January 30, 2024
Via: StateScoopThe Center for Internet Security, the Upstate New York nonprofit that runs information sharing and analysis operations to support government agencies, found in a study announced Tuesday that cyberattacks on state and local governments increased from 2022 to 2023. That’s […]
January 29, 2024
Via: Fox NewsThe White House says “developers of the most powerful AI systems” will now have to report AI safety test results to the Department of Commerce in the wake of an executive order issued by President Biden aimed at “managing the […]
January 24, 2024
Via: CSO OnlineVolunteer cybersecurity reserve workforces are growing in the face of infosec worker shortages, with US CyberCommand recently authorized in the 2024 NDAA to create its own civilian cybersecurity reserve corps. The creation of civilian cyber reserves has gained traction over […]
January 18, 2024
Via: TechSpotAccording to technology research provider Omdia, the healthcare sector suffered 241 cyberattacks during the first nine months of 2023. That’s over 100 more than the government (147) and almost three times more than software, hardware, and IT services (91). The […]
Cloud Computing, Cybersecurity, Tech
January 17, 2024
Via: CSO OnlineThe Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency (CISA) have published an urgent advisory about the Androxgh0st botnet, which is being used to steal cloud credentials from major platforms, including AWS, SendGrid, and Microsoft Office 365. […]
January 10, 2024
Via: CSO OnlinePoorly secured Microsoft SQL servers in the US, EU, and LATAM are being attacked by financially motivated Turkish threat actors in an ongoing campaign to deliver MIMIC ransomware payloads, according to a Securonix research. The financial cyberthreat campaign named RE#TURGENCE […]
January 4, 2024
Via: CSO OnlineRansomware activity continues to threaten organizations and people while breach attempts are becoming more sophisticated and targeted – due largely to an increase in Ransomware-as-a-Service (RaaS) operations. The reality is that in an interconnected world, organizations can’t fully protect their […]