Top

Category: Cybersecurity


Cybersecurity

Report finds Census Bureau lacks ‘effective cybersecurity posture’ after red team hack

November 28, 2022

Via: FCW

A team of government-contracted hackers successfully gained unauthorized and undetected control of critical Census Bureau systems in a test revealing the federal agency’s major cybersecurity weaknesses, according to a new report. The Commerce Department Office of Inspector General’s office of […]


Cybersecurity

Meta outlines US involvement in social media disinformation in new report

November 23, 2022

Via: CSO Online

A report released by Meta’s security team describes the company’s shutdown of a network of Facebook and Instagram accounts participating in what it calls coordinated inauthentic behavior, and linking some of those accounts to the US military. “Coordinated inauthentic behavior” […]


Cybersecurity, Industry, Transportation & Infrastructure

TSA administrator says new cyber requirements in the works for aviation industry

November 18, 2022

Via: FCW

The administrator of the Transportation Security Administration, said Wednesday that the agency would deliver new cybersecurity requirements for the aviation industry “in the not-too-distant future.” Speaking at the Aspen Cyber Summit, TSA chief David Pekoske said that the administration is […]


Cybersecurity

Iranian hackers compromised a federal agency’s network, CISA and FBI say

November 16, 2022

Via: FCW

Iranian government-sponsored hackers were able to exploit an unaddressed vulnerability in a federal agency’s network to compromise users’ credentials and install cryptocurrency mining software on its system, according to a joint cybersecurity advisory released by the Cybersecurity and Infrastructure Security […]


Cybersecurity

Global 2000 companies failing to adopt key domain security measures

November 15, 2022

Via: CSO Online

Forbes Global 2000 companies are failing to adopt key domain security measures, exposing them to significant security risks, according to CSC’s Domain Security Report 2022. The enterprise-class domain registrar and Domain Name System (DNS) threats mitigator found that 75% of […]


Cybersecurity

Evolving Security for Government Multiclouds

November 15, 2022

Via: Dark Reading

Multicloud services have become the norm rather than the exception as organizations shift to accommodate increasingly dynamic workloads. IDC has predicted that by the end of 2022, more than 90% of enterprises worldwide will rely on a mix of on-premises, […]


Cybersecurity

State-sponsored hackers in China compromise certificate authority

November 15, 2022

Via: ArsTechnica

Nation-state hackers based in China recently infected a certificate authority and several government and defense agencies with a potent malware cocktail for burrowing inside a network and stealing sensitive information, researchers said on Tuesday. The successful compromise of the unnamed […]


Cybersecurity

Microsoft links Russia’s military to cyberattacks in Poland and Ukraine

November 11, 2022

Via: ArsTechnica

Microsoft on Thursday fingered Russia’s military intelligence arm as the likely culprit behind ransomware attacks last month that targeted Polish and Ukrainian transportation and logistics organizations. If the assessment by members of the Microsoft Security Threat Intelligence Center (MSTIC) is […]


Cybersecurity

The new CIO security priority: Your software supply chain

November 3, 2022

Via: CIO

One reason open source is popular in the enterprise is that it provides well-tested building blocks that can speed up the creation of sophisticated applications and services. But third-party software components and the convenience of packages and containers bring risks […]


Cybersecurity

Making the case for security operation automation

November 3, 2022

Via: CSO Online

According to ESG research, 52% of organizations believe that security operations are more difficult today than they were two years ago, due to factors such as the dangerous threat landscape, growing attack surface, and the volume/complexity of security alerts. In […]


Cybersecurity

Ransomware is a global problem and getting worse, says US

November 1, 2022

Via: ZDnet

The White House has united dozens of nations and representatives from big tech companies for a two-day summit aimed at figuring out how to tackle the global ransomware problem. “When you look at government networks, as we know — Costa […]


Cybersecurity

White House invites dozens of nations for ransomware summit

October 31, 2022

Via: Washington's Top News

The White House is bringing together three dozen nations, the European Union and a slew of private-sector companies for a two-day summit starting Monday that looks at how best to combat ransomware attacks. The second International Counter Ransomware Summit will […]


Cybersecurity

Phishing attacks increase by over 31% in third quarter: Report

October 28, 2022

Via: CSO Online

Email security and threat detection company Vade has found that phishing emails in the third quarter this year increased by more than 31% quarter on quarter, with the number of emails containing malware in the first three quarters surpassing the […]


Cybersecurity

CISA to focus on water, education and health sectors over the next year 

October 24, 2022

Via: FCW

Over the coming year, the Cybersecurity and Infrastructure Security Agency plans to concentrate more of its attention on critical infrastructure sectors that adversaries target due to the essential services they provide but which don’t have the assets to defend themselves, […]


Cybersecurity

China-Linked Cyber-Espionage Team Homes In on Hong Kong Government Orgs

October 19, 2022

Via: Dark Reading

The Winnti cyber-espionage group out of China was discovered deploying the Spyder Loader malware as part of an ongoing campaign to gather intelligence information on government organizations in Hong Kong. Researchers at Symantec’s Threat Hunter Team recently observed malicious activity […]


Cybersecurity, Industry, Workforce

The future of federal telework demands secure remote access

October 19, 2022

Via: FCW

The Office of Personnel Management recently moved to increase telework flexibility throughout the federal government. The intent is to remain competitive in the pursuit of top talent and to decrease “agency-hopping” in search of telework options. The President’s Management Agenda […]


Cybersecurity

Modernizing password and secrets management to strengthen zero-trust posture

October 18, 2022

Via: StateScoop

Password and secrets management play increasingly important roles at federal and state agencies as they strengthen their organization’s risk posture and defend against sophisticated cyberattacks, says Darren Guccione, Keeper Security’s CEO and Co-Founder, in a recent interview. “More than 80% […]


Cybersecurity

China’s attack motivations, tactics, and how CISOs can mitigate threats

October 12, 2022

Via: CSO Online

A new report published by Booz Allen Hamilton provides detailed insight into global cyber threats posed by the People’s Republic of China (PRC). The China Cyber Threat Report outlines Beijing’s chief motivations for carrying out cyberattacks or espionage, the key […]


Cybersecurity, Education, Industry

LAUSD Ransomware Attack: Understanding Cybersecurity Risks in Education

October 7, 2022

Via: InformationWeek

On September 5, Los Angeles Unified School District (LAUSD) announced that it had been the victim of a ransomware attack. The group behind the attack, Vice Society, threatened to leak the stolen data. The school district opted not to pay […]


Cybersecurity

Russian hacking group targets state-government websites in DDoS campaign

October 6, 2022

Via: StateScoop

A group of Russian-speaking hackers on Wednesday took responsibility for a denial-of-service attack targeting state government websites, with several states experiencing brief or lengthy outages. The group, which calls itself Killnet, appears to have temporarily disabled websites run by the […]