The White House is preparing executive branch agencies to adopt "zero trust" network architectures by 2024, with CISA and the OMB overseeing the creation of technology road maps that departments must follow. This is a major component of President Biden's cybersecurity executive order.
New Zealand's Computer Emergency Response Team says it is aware of ongoing distributed denial-of-service attacks that have disrupted services at several organizations in the country, including some financial institutions and the national postal service.
Google has identified three critical vulnerabilities affecting several Netgear smart switch products that, if exploited, give the attacker complete control over the compromised device. Netgear has issued a security advisory confirming that it has issued patches for 20 impacted products.
A Russian citizen, alleged to be working as a developer for the malware-spreading organization Trickbot, reportedly has been arrested at Seoul-Incheon International Airport. He was questioned by Korean authorities following an extradition request from the U.S.
The Ragnar Locker ransomware operation has been threatening to dump victims' stolen data if they contact police, private investigators or professional negotiators before paying a ransom. But as one expert notes: "Perhaps the criminals watched too many TV shows, because this isn’t how the real world works."
The most sought-after type of victim for ransomware-wielding attackers is a large, U.S.-based business with at least $100 million in revenue, not operating in the healthcare or education sector, with remote access available via remote desktop protocol or VPN credentials, threat intelligence firm Kela reports.
SEC Consult reportedly found multiple vulnerabilities in Moxa devices used in critical infrastructures including railways, manufacturing, cellular and heavy industries. Moxa has confirmed patching 60 vulnerabilities in its latest firmware update and issued mitigation advice for discontinued devices.
Security firm Cisco Talos reported this week that cybercriminals have found a new way to make money from their victims, by abusing internet-sharing "proxyware" platforms such as Honeygain and Nanowire to illegally share their victim’s internet connection.
While there is currently a lack of specific cyberthreats, Deputy National Security Adviser Anne Neuberger urges organizations, especially those in critical infrastructure, to take precautions over the Labor Day weekend, as threat groups have taken advantage of previous holidays to conduct attacks.
The Federal Trade Commission has, for the first time ever, banned a company and its CEO from the surveillance business in the U.S. Stalkerware service provider company SpyFone and its CEO, Scott Zuckerman, were banned for allegedly harvesting and sharing data through a hidden backdoor.
As the last U.S. military flight lifted off Tuesday evening from the airport in Kabul, Afghanistan, what's been left behind reportedly includes a vast trove of biometric data that could be used to identify - including for interrogation or execution - individuals who assisted the occupying NATO forces.
By some estimates, the managed security services business is expected to grow by 50% between 2020 and 2025. And a huge part of that growth will by XDR, says Colin O'Connor, COO of ReliaQuest. He explains why XDR is far more than just vendor hype.
Given that budgets and time are finite, how can organizations best identify if their information security strategy is well balanced and appropriate? Nandhini Duraisamy, chief operating officer of Quadron Cybersecurity Services, shares best practices.
Because a relatively small number of individuals provide the vast majority of services and infrastructure that power cybercrime, they remain top targets for arrest - or at least disruption - by law enforcement authorities, says cybercrime expert Alan Woodward. But of course, geopolitics sometimes gets in the way.