Just days after Drupal warned of a "highly critical" flaw in its web services modules, hackers came calling, exploiting the content management system vulnerability to install cryptocurrency miners and other malicious software on sites, security experts warn.
Recent apparently state-sponsored hack attacks have hit dozens of companies in the U.S. and political parties in Australia. Officials say China and Iran appear to have escalated their online espionage campaigns, seeking to gather better intelligence and steal intellectual property.
A former U.S. Air Force counterintelligence agent was indicted for disclosing classified information and helping Iran compromise the computers of other U.S. intelligence agents. The case marks another damaging leak for the American government.
This Valentine's Day, authorities are once again warning individuals to watch out for anyone perpetrating romance scams. The FTC says Americans lost $143 million to romance scams in 2017, while in the U.K., Action Fraud says reported romance scam losses in 2018 topped $64 million.
In 2018, the Identity Theft Resource Center counted 1,244 U.S. data breaches - involving the likes of Facebook, Marriott and Exactis - that exposed 447 million sensitive records, such as Social Security numbers, medical diagnoses and payment card data.
FBI agents say the government shutdown is impeding their investigations, including cybersecurity probes, with the lack of funding compromising their ability to pay confidential informants and obtain warrants or subpoenas.
The U.S. Department of Homeland Security says executive branch agencies are being targeted by attacks aimed at modifying Domain Name System records, which are critical for locating websites and services. The warning comes as security companies have noticed a rise in DNS attacks.
The battle against Russian disinformation is far from over. Two in-depth Senate reports have revealed that such campaigns continue despite efforts by social media companies to cleanse their platforms. Researchers say Facebook's Instagram may be the next battleground.
To combat cyberattacks, more nations must not only hold nation-state attackers accountable, but also better cooperate by backing each other's attribution, said Estonian politician Marina Kaljurand, who chairs the Global Commission on the Stability of Cyberspace, in her opening keynote speech at Black Hat Europe 2018.
Making his first appearance at an ISMG Summit, Jeremiah Osburn draws upon his nearly two decades of experience in the military, government and private sector to discuss a variety of topics, including:
Mitigating the insider threat
Staffing up in a post-breach environment
How to address the cybersecurity staffing...
While the modern organization embraces digital technology, it is also at risk of cyberattacks. In this guide, The Essential Guide to Security, we map out how agencies can use machine data for specific use cases and get started addressing threats and security challenges.
While the modern enterprise embraces digital...
Voting in the United States carries a huge privacy cost: states give away or sell voters' personal information to anyone who wants it. In this era of content micro-targeting, rampant misinformation and identity theft schemes, this trade in voters' personal data is both dangerous and irresponsible.
The journey to modernization has its challenges, including an increase in events that are more difficult to monitor due to a diverse hybrid cloud/legacy infrastructure. Real-time IT monitoring tools lead to earlier detection and fewer critical events that could place an agency's mission at risk.
The shift to digital transformation and new technologies increases what can be the biggest risk to your mission: a lack of real-time, end-to-end visibility into systems and operations. Individual department goals lead to a heterogenous landfill of products and systems managed in silos, challenging visibility and...
Choosing the right platform to build your agency's security operations center is arguably more important than choosing any point security product. But are you aware of the criteria you should consider when evaluating which Security Orchestration, Automation and Response (SOAR) platform to choose?