Category: Cybersecurity

November 16, 2023

With the US Securities and Exchange Commission (SEC) having taken legal action against CISOs at both SolarWinds and Uber, security executives feel the pressure to be absolutely precise when writing up security incidents that the company has decided are material. […]

November 15, 2023

With just seven weeks until the end of the year, the Biden administration is running out of time to win the reauthorization of a spy program it says is vital to preventing terrorism, catching spies and disrupting cyberattacks. The tool, […]

November 10, 2023

In an online overview published on Nov. 9, the government of Maine confirmed that a group of cybercriminals exploiting the now-infamous vulnerability in the MOVEit file-transfer tool to allow them access to files belonging to the State of Maine between […]

November 8, 2023

The US Department of Homeland Security (DHS), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Emergency Management Agency (FEMA) have announced the launch of the “Shields Ready” campaign to promote critical national infrastructure (CNI) security and resilience. Shields […]

October 26, 2023

A relentless team of pro-Russia hackers has been exploiting a zero-day vulnerability in widely used webmail software in attacks targeting governmental entities and a think tank, all in Europe, researchers from security firm ESET said on Wednesday. The previously unknown […]

October 24, 2023

The Chinese government is leveraging green energy companies in an effort to create technological dependencies and “achieve strategic, political, and intelligence advantages” over the U.S., according to a sprawling new report. The report — published Monday by the Foundation for […]

October 19, 2023

A decade ago, then-Secretary of Defense Leon Panetta uttered a phrase that would go on to live in infamy: “cyber Pearl Harbor.” Panetta was using his platform as the country’s leading national security official to warn of dire future digital […]

October 11, 2023

Amid the ongoing conflict between Israel and Hamas, a new battleground has opened up in cyberspace, with hackers from both sides trying to attack each other’s infrastructure, while also dragging supporters of each other into the conflict. “Analysts have noted […]

October 6, 2023

Federal agencies and the private sector still face significant challenges in adopting and implementing critical security controls like multifactor authentication and single sign-on services, according to new guidance from the Cybersecurity and Infrastructure Security Agency and the National Security Agency. […]

October 3, 2023

Dozens of global cybersecurity experts have raised concerns about the proposed vulnerability disclosure requirements of the EU’s Cyber Resilience Act (CRA). An open letter signed by representatives from a wide range of organizations including Google, the Electronic Frontier Foundation, the […]

September 29, 2023

Federal agencies are racing to release guidance for staff as a looming government shutdown threatens to furlough thousands of employees, disrupt critical services and reduce national cyber operations to skeleton crews. Federal employees are learning whether they will be considered […]

September 26, 2023

The concept of Zero Trust has gained significant traction in recent years, as organizations look to enhance their cybersecurity defenses and safeguard their digital assets. The US government has been at the forefront of promoting this approach, with a series […]

September 25, 2023

A series of attacks targeting a Southeast Asian government has been found to be carried out by distinct threat actors affiliated with Chinese interests, according to Unit 42, the Palo Alto research arm closely studying the attacks. Initially thought to […]

September 13, 2023

The U.S. Cybersecurity and Infrastructure Security Agency is offering free security scans for critical infrastructure facilities, such as water utilities, to help protect them from cyberattacks. The midweek announcement comes as water treatment facilities across the country have suffered from […]

August 21, 2023

Foreign adversaries are waging cyber espionage campaigns against the US space industry, according to a joint warning issued this week by the National Counterintelligence and Security Center (NCSC), FBI, and the Air Force Office of Special Investigations (AFOSI). The two-page […]

August 16, 2023

The Cybersecurity and Infrastructure Security Agency released its first remote monitoring and management software guidance document on Wednesday, part of the agency’s larger Joint Cyber Defense Collaborative initiative. The Remote Monitoring & Management Cyber Defense Plan specifically focuses on the […]

August 16, 2023

Sen. Mark Warner, D-Va., chair of the Senate Select Committee on Intelligence, wants artificial intelligence companies to commit to extending existing voluntary pledges to all of their systems and make more commitments to address high-risk areas like real-time facial recognition. […]

August 11, 2023

The Cybersecurity Infrastructure Security Agency (CISA) and the National Security Agency (NSA) recently collaborated to produce an important new document, “Identity and Access Management: Recommended Best Practices for Administrators.” Part of the Enduring Security Framework (ESF), it presents a distillation […]

August 8, 2023

Anew report has found that cyberattacks targeting government agencies and the public sector increased at an alarming rate in recent months, as threat actors unleashed a slate of novel malware campaigns that impacted financial institutions, healthcare services and critical infrastructure […]

August 7, 2023

The Colorado Department of Higher Education on Friday reported it was the victim of a data breach following a ransomware attack this past June, and that the personal information of students and teachers dating back to 2004 may have been […]