CISA is preparing to expand its vulnerability research and disclosure program, which is now mandatory for nearly all executive branch agencies, by creating a vulnerability disclosure platform service. As part of this effort, the cybersecurity agency is partnering with Bugcrowd and EnDyna.
Thousands of suspected criminals have been relying on the "Anom" encrypted communications platform to coordinate their efforts. But the FBI and Australian police developed Anom as a honeypot for monitoring criminals, producing intelligence that globally led to 800 arrests and massive drug seizures.
The European Commission has released two new tools aimed at easing the current legal hurdles associated with data sharing by European Union-based organizations and other businesses operating in the region. Tech giants embroiled in controversy over the EU's data -sharing polices welcomed the move.
The White House has written to business leaders, urging them to prioritize having robust ransomware defenses in place. The move comes as the Biden administration pursues multiple strategies to combat ransomware and digital extortion, including ordering a new task force to coordinate all federal investigations.
In a decision that will have major implications for the cybersecurity industry, the U.S. Supreme Court ruled Thursday to limit the scope of the Computer Fraud and Abuse Act. Security researchers and civil liberty groups argued that the 1986 law was too broadly written and outdated for today.
Organizations are connecting to industrial control networks at an increasing pace. The need to connect to the IT environment, cloud applications and remote workers has created a definitive gap by eroding the demilitarized zone. Because of this, organizations must deploy new ways to secure operational technology...
Former customers of the now-defunct encrypted communications service EncroChat, which was infiltrated by police last year, continue to get busted, including members of a crime syndicate that operated "an industrial-scale cocaine laboratory" in the Netherlands, Europol says.
The Department of Homeland Security has issued a cybersecurity directive that requires the operators of oil and gas pipelines to report ransomware attacks and other security incidents to the government and take other security steps.
The U.S. Department of Homeland Security is preparing cybersecurity regulations for the oil and gas industry in the wake of the ransomware attack on Colonial Pipeline Co. that resulted in the company suspending operations for several days, according to The Washington Post.
Where were you on May 25, 2018? That was the day the EU's General Data Protection Regulation went into full effect. Three years later, some legal and privacy experts say that while the global privacy discussion and expectations have evolved, GDPR still has some growing up to do.
Insurance company CNA's apparent decision to pay attackers a $40 million ransom and Colonial Pipeline Co.'s payment of a $4.4 million ransom are stirring debate over whether such payments should be banned under federal law.
Ransomware attacks are stuck on repeat: Criminal syndicates have found an extremely profitable business model, and they're milking it for all it's worth. So give the city of Tulsa, Oklahoma, credit for having in place robust disaster recovery capabilities and vowing to remediate, rather than pay criminals.
It's not just traditional data governance – it's about business risk. And in the age of GDPR and CCPA, you’d best have a handle on data discovery and classification. Patrick Benoit of CBRE gives the BISO's perspective on data risk governance.
"They’re playing games," is how one security expert describes Conti ransomware-wielding attackers' "gift" of a decryptor to Ireland's crypto-locked health service, while still demanding a ransom to not leak stolen health data. The same could be said of the DarkSide gang's promised retirement.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.