March 14, 2024
Via: Dark ReadingAlabama has been grappling with network disruptions, following cyber incidents targeting both state and city governments, and days later, they still appear to be struggling to recover. Alabama’s governor, Kay Ivey, confirmed that a cyberattack on state systems began March […]
Cybersecurity, IT Policy, Tech
March 14, 2024
Via: Dark ReadingThe Federal Communications Commission (FCC) will be rolling out a voluntary cybersecurity labeling program for Internet of Things (IoT) products for consumers At its public meeting today, the Commission unanimously voted to approve the program, which will allow IoT manufacturers […]
February 19, 2024
Via: CSO OnlineA Russian advanced persistent threat (APT) actor has been using the cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers to target critical government infrastructures in Europe, according to a research by Recorded Future. The threat group, known as Winter Vivern, […]
Cybersecurity, IT Policy, Tech
January 31, 2024
Via: NextgovThe White House on Wednesday affirmed its commitment to a Securities and Exchange Commission rule that would require publicly traded firms to disclose cybersecurity incidents, declaring that President Joe Biden will veto any legislative efforts to shutter the agency regulation. […]
January 30, 2024
Via: StateScoopThe Center for Internet Security, the Upstate New York nonprofit that runs information sharing and analysis operations to support government agencies, found in a study announced Tuesday that cyberattacks on state and local governments increased from 2022 to 2023. That’s […]
January 29, 2024
Via: Fox NewsThe White House says “developers of the most powerful AI systems” will now have to report AI safety test results to the Department of Commerce in the wake of an executive order issued by President Biden aimed at “managing the […]
January 24, 2024
Via: CSO OnlineVolunteer cybersecurity reserve workforces are growing in the face of infosec worker shortages, with US CyberCommand recently authorized in the 2024 NDAA to create its own civilian cybersecurity reserve corps. The creation of civilian cyber reserves has gained traction over […]
January 18, 2024
Via: TechSpotAccording to technology research provider Omdia, the healthcare sector suffered 241 cyberattacks during the first nine months of 2023. That’s over 100 more than the government (147) and almost three times more than software, hardware, and IT services (91). The […]
Cloud Computing, Cybersecurity, Tech
January 17, 2024
Via: CSO OnlineThe Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency (CISA) have published an urgent advisory about the Androxgh0st botnet, which is being used to steal cloud credentials from major platforms, including AWS, SendGrid, and Microsoft Office 365. […]
January 10, 2024
Via: CSO OnlinePoorly secured Microsoft SQL servers in the US, EU, and LATAM are being attacked by financially motivated Turkish threat actors in an ongoing campaign to deliver MIMIC ransomware payloads, according to a Securonix research. The financial cyberthreat campaign named RE#TURGENCE […]
January 4, 2024
Via: CSO OnlineRansomware activity continues to threaten organizations and people while breach attempts are becoming more sophisticated and targeted – due largely to an increase in Ransomware-as-a-Service (RaaS) operations. The reality is that in an interconnected world, organizations can’t fully protect their […]
January 4, 2024
Via: Dark ReadingDecember’s cyberattack on Ukrainian telecommunications operator Kyivstar by Russian-backed threat actors dealt a catastrophic blow to the wealthy, privately-owned company, according to Illia Vitiuk, head of the Security Service of Ukraine’s (SBU) cybersecurity department. In a new interview, he issued […]
December 29, 2023
Via: Government ExecutiveFor those looking for stability to arrive to the national security hiring market – 2023 was not the year. While reform efforts continued to barrel forward, so did another catastrophic leak of classified information, creating more distrust of the U.S. […]
December 18, 2023
Via: CSO OnlineBy a 310-118 vote, the US House of Representatives passed the $886 billion National Defense Authorization Act for Fiscal Year 2024 (NDAA), which passed the Senate one day later. The annual must-pass legislation for US military funding is now headed […]
Cybersecurity, Federal, Policy
December 18, 2023
Via: Washington's Top NewsForeign hackers did not change vote totals or otherwise compromise the integrity of federal elections last year in the United States, according to a declassified U.S. government report made public Monday. The report does identify multiple instances in which hackers […]
December 14, 2023
Via: Dark ReadingProlific Iranian advanced persistent threat group (APT) OilRig has repeatedly targeted several Israeli organizations throughout 2022 in cyberattacks that were notable for leveraging a series of custom downloaders that use legitimate Microsoft cloud services to conduct attacker communications and exfiltrate […]
December 14, 2023
Via: ArsTechnicaUkrainian civilians on Wednesday grappled for a second day of widespread cellular phone and Internet outages after a cyberattack, purportedly carried out by Kremlin-supported hackers, hit the country’s biggest mobile phone and Internet provider a day earlier. Two separate hacking […]
December 13, 2023
Via: CSO OnlineThe UK government is at risk of a “catastrophic ransomware attack” that can potentially bring the country to a “standstill,” warned a new parliamentary committee report. “A major ransomware attack could have a devastating impact on UK citizens and the […]
December 11, 2023
Via: CSO OnlineThe US critical infrastructure industry and federal authorities have been coping with a series of threat actor attacks on organizations, particularly water utilities, by a shadowy Iranian threat actor exploiting security holes in internet-connected equipment deployed in industrial control system […]
December 7, 2023
Via: Government ExecutiveTwenty federal agencies failed to meet the Biden administration’s deadline for implementing the most advanced cyber event logging requirements across their systems, with most agencies failing to implement even basic incident tracking standards, according to a recent report from the […]