A House subcommittee is considering a slate of nine bills designed to improve cybersecurity practices in the telecommunications supply chains that support wireless networks.
Failure to take basic security steps - such as avoiding using end-of-life software and default passwords - can create serious national security risks, CISA stresses. The agency is in the early stages of developing a catalog of "bad practices" that should be avoided.
In the latest weekly update, a panel of Information Security Media Group editors discusses key topics, including cybersecurity trends for the second half of the year, IoT device security and the planned security features for Windows 11.
Join our discussions as we talk with cyber industry experts and leaders about the various elements of the WHEO and how we can collectively work to elevate our nation’s cybersecurity posture.
Some 700 million records of LinkedIn users have reportedly been offered for sale on a hacker forum. The social media platform, and several security experts, say that the offering stems from the "scraping" of records from websites and not a data breach.
The U.S. Cybersecurity and Infrastructure Security Agency has released a Ransomware Readiness Assessment audit tool to help organizations size up their ability to defend against and recover from attacks.
The Justice Department has filed seven new criminal charges against Paige Thompson, who is suspected of hacking Capital One in 2019, compromising the data of 100 million Americans, including exposing hundreds of thousands of Social Security numbers. If convicted, She now faces a possible 20-year sentence.
Deputy national security adviser Anne Neuberger says the White House is preparing to release additional details, including attribution, about the attacks that targeted vulnerable on-premises Microsoft Exchange email servers at government agencies and other organizations earlier this year.
The legitimate security penetration testing tool Cobalt Strike is increasingly being used by threat groups, especially those that are less technically proficient, according to a Proofpoint report. The security firm says the number of attacks using the tool rose by 161% from 2019 to 2020.
Cyberattackers are using malware dubbed "Crackonosh" to disable many antivirus programs, paving the way for installation of the XMRig cryptominer, according to Avast. So far, this approach has generated more than $2 million in monero for the attackers over the last seven months, the security firm reports.
Taiwanese networking device manufacturer Zyxel is notifying customers about an ongoing series of attacks on some of its enterprise firewall and VPN products and is advising users to maintain proper remote access security policies as it prepares a hotfix.
The saga around how scores of aging Western Digital NAS devices were remotely erased has deepened with the discovery of a new, unknown software vulnerability. The situation underscores the problems of still-used devices that have been abandoned by manufacturers.
This inaugural Omdia Universe report from Informa Tech, the company behind Black Hat and Dark Reading, offers an independent, comprehensive, end-to-end assessment of world-leading global IT security service providers across two major IT security dimensions: end-to-end service capability and customer experience, and...
Zero Trust is rapidly becoming the security model of choice for enterprises and governments alike. However, security leaders often don't know where to begin to implement it, or they feel daunted by the fundamental shifts in strategy and architecture Zero Trust demands. However, Zero Trust does not require that you rip...
A government watchdog is urging NASA to make multiple improvements to its cybersecurity and risk management policies to counter threats to the space agency's network, infrastructure and data. NASA, in turn, is working toward making some security improvements outlined by the GAO by the end of this year.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.