The U.S. OMB recently released its latest deliverable as part of President Biden's cybersecurity executive order. Former federal CISO Grant Schneider discusses this guidance and shares best practices for agencies and organizations to improve the security of their software supply chain.
Expel is out with its new forward-looking report, "Great eXpeltations," and among the topics covered is supply chain targeting. Jon Hencinski of Expel and Bruce Potter of Clear Street share insights on why organizations must pay attention to these attacks.
Ukraine's cybersecurity authority says the country is fighting its first-ever hybrid war - combining conventional and digital warfare strategies and tactics. In this time of high alert, Rob Dartnall of Security Alliance calls for organizations to develop their threat intelligence capabilities.
'Despite an arsenal of point products designed to block malware and threats and warn of vulnerabilities that can be exploited by attackers; it is no longer sufficient to rely on traditional defence techniques. While effective in some areas, these approaches are limited, with one of the most important gaps being the...
International hacking collective Anonymous on Thursday announced that it has hacked the Russian censorship agency known as Roskomnadzor. The group released 364,000 files it says show intensified censorship around the perception of the Ukraine invasion, which began in late February.
After months of political infighting, a landmark cybersecurity provision requiring critical infrastructure providers to report security incidents and ransom payments has passed both chambers of Congress and now heads to President Joe Biden's desk. The mandate is part of an omnibus spending bill.
Cybersecurity in Russia right now is complicated, owing to reprisals over its Ukraine invasion, leading to Russia launching its own root certificate to keep sites online; facing down "Russians only" RURansom wiper malware; and Avast being the latest business to suspend all operations in the country.
In an open letter addressing Ukraine's request to web governance entity ICANN, dozens of researchers, internet activists, politicians and academics voiced their disapproval, instead calling for precise, measured sanctions that could more effectively weaken Russian military and propaganda efforts.
The ISMG Security Report features an analysis of the U.S. government's request for billions of dollars in tech aid to curb the global impact of the Kremlin's campaign in Ukraine. It also examines Biden's cryptocurrency executive order and why breached organizations often don't share full details.
Former top U.S. cybersecurity official Richard Clarke said on Wednesday that the conflict in Ukraine will likely worsen before showing signs of improvement, including potential cyber escalation with the U.S. and its NATO allies. He urged U.S. organizations to allocate resources to cyber defense.
Federal authorities are warning about seven vulnerabilities affecting a software agent used to remotely manage an array of medical devices and other connected gear. If exploited, the vulnerabilities could enable hackers to gain full control of the affected devices or alter their configurations.
Ransomware groups continue to target critical infrastructure sectors internationally. An FBI alert says that ransomware group RagnarLocker has targeted 52 entities across 10 critical infrastructure sectors, while Romania's premier petrol supplier, Rompetrol, has reportedly been hit by Hive.
Studying software engineering practices from 100,000 production applications and 4,000,000 open source component migrations, Sonatype uncovered eye-opening behaviors in modern software development, including a surprising trend that nearly 70% of dependency management decisions are suboptimal.
Understanding these...
U.S. and NATO officials are increasingly looking to sharpen sanctions and rhetoric against Russia, and cybersecurity is a pivotal part of the discussion. The Biden administration is now requesting $10 billion in emergency funds to address Russia's campaign, with sizeable pots for cybersecurity.
As Russia's ground invasion and air assault against Ukraine continues, so too do online attacks being launched against Ukrainian targets. A Ukrainian cybersecurity official says his country is fighting the first-ever "hybrid war" that bridges both the physical and online realms.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.