ISMG editors discuss: U.S. Sen. Angus King on the need for the federal government to form a clear, declarative cyber deterrence strategy, how CISA is ramping up efforts to support critical infrastructure defenses and the potential implications of the U.S. blacklisting of Israeli spyware firms.
There's no question the attack surface has expanded exponentially over the past 20 months. But has attack surface management grown and matured to keep pace? Martin Sajon and Jason Hicks of Coalfire discuss the evolution and essentials of ASM.
OK, so the trend is away from endpoint detection and response to extended detection and response. What does that even mean, and how can organizations get maximum cybersecurity protection from this shift? Cisco's Brian McMahon shares insight.
The U.S. State Department is offering rewards of up to $10 million for information that leads to the identification or location of members of the DarkSide ransomware gang and others who attack critical infrastructure. It follows the U.S. taking offensive cyber action against REvil, The Washington Post reports.
The latest edition of the ISMG Security Report features insight from U.S. Sen. Angus King on why the federal government needs to declare a clear response to cybercriminals in order to deter them. Also featured: Ransomware affiliates gain power and promoting diversity of thought in cybersecurity.
The U.S. Department of Commerce has added four foreign companies to its Entity List for allegedly engaging in activities "contrary to the national security or foreign policy interests of the U.S." Two Israeli companies - NSO Group and Candiru - were cited for allegedly supplying spyware to foreign governments to...
The U.S. Cybersecurity and Infrastructure Security Agency on Wednesday issued a new directive - BOD 22-01 - requiring federal civilian agencies to patch vulnerabilities known to be actively exploited in the wild.
Typically, when manufacturing enterprises start to address IoT cybersecurity, there are the needs they know they have - and then the ones of which they are completely unaware. Entrust's David Low shares what needs to be done and where best to begin.
Facebook plans to shut down its facial recognition system, saying the regulatory landscape is unclear and citing ongoing concerns about the effects on society of using such systems. The company plans to delete more than 1 billion facial profiles.
The Federal Bureau of Investigation has issued a notification warning to private sector companies, especially those listed or in the process of being listed on stock exchanges, to be aware of ransomware actors using their undisclosed merger and acquisition data for extortion.
Ransomware-as-a-service provider BlackMatter has ceased operations due to pressure from local authorities, malware research organization vx-underground says, citing an announcement made by the gang on a Russian underground site.
A new report from the U.S. Treasury Department urges Congress to "act promptly" to issue legislation that brings additional oversight to stablecoins, or crypto tokens pegged to fiat currencies. Federal officials say regulation should match that of traditional financial institutions - as a way to mitigate investor,...
While ransomware remains many criminals' weapon of choice for reliably shaking down victims, the ransomware-attacker landscape itself continues to evolve in numerous ways, with a constant influx of fresh players, regular rebranding, as well as the challenge of cashing in cryptocurrency while staying anonymous.
Wireless device makers in the European Union market will soon have to adhere to a new set of cybersecurity guidelines at the design and production stages of manufacturing, according to the European Commission. The guidelines target devices such as mobile phones, tablets and other products.
Two researchers from the University of Cambridge have discovered a vulnerability that affects most computer code compilers and many software development environments, according to a new research paper. The bug could cause a SolarWinds-like open-source supply chain attack scenario, they say.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.