While the U.S. government is making strides in improving the nation's cybersecurity, it needs to do more to protect critical infrastructure from attacks and create public-private partnerships to improve national security, the Cyberspace Solarium Commission notes in a report published Thursday.
The answer to the increasing volume of challenges is not to just add another tool into the mix, it's to add the tools the organization is already using into an integrated cohesive mix.
The Office of Management and Budget is ordering federal agencies to begin identifying "critical software" that needs protection as part of the effort to fulfill President Biden's cybersecurity executive order. Executive branch agencies then will have a year to implement security measures.
The FDIC has failed to properly update its policies for mobile device usage, conduct regular control assessments of its mobile device management solution or adequately log and monitor mobile cybersecurity practices, according to a new report from the Office of the Inspector General.
A congressional report examining eight federal agencies found that seven continue to improperly protect sensitive data and do not meet basic cybersecurity standards.
What's up with REvil? Questions have been mounting since the notorious ransomware operation went quiet on July 13, not long after unleashing a mega-attack via remote management software vendor Kaseya's software. The Biden administration has welcomed REvil's online shutdown but says it doesn't know the cause.
The world is now focused on ransomware, perhaps more so than any previous cybersecurity threat in history. But if the viability of ransomware as a criminal business model should decline, expect those attackers to quickly embrace something else, such as illicitly mining for cryptocurrency.
A cybercrime forum seller advertised "a full dump of the popular DDoS-Guard online service" for sale, but the distributed denial-of-service defense provider, which has a history of defending notorious sites, has dismissed any claim it's been breached. What's the potential risk to its users?
Ransomware-wielding criminals continue to hone their illicit business models, as demonstrated by the strike against customers of Kaseya. A full postmortem of the attack has yet to be issued, but one question sure to be leveled at the software vendor is this: Should it have fixed the flaw more quickly?
The saga around how scores of aging Western Digital NAS devices were remotely erased has deepened with the discovery of a new, unknown software vulnerability. The situation underscores the problems of still-used devices that have been abandoned by manufacturers.
The code used to build copies of Babuk ransomware - to infect victims with the crypto-locking malware - has been leaked, after someone posted the software to virus-scanning service VirusTotal. Whether the leak was intentional - perhaps a rival gang seeking to burn the operation - remains unclear.
The global law enforcement "Anom" honeypot operation racked up impressive statistics for the number of criminals tricked into using the encrypted communications service. Psychology was at play: Officials say users flocked to the service after they disrupted rivals EncroChat and Sky Global.
Based on Russian-language cybercrime chatter, "fear" likely drove the lucrative Avaddon ransomware-as-a-service operation to announce its retirement as the U.S. exerts increasing diplomatic pressure on Moscow to disrupt such activity, experts say. But are criminals simply laying low until the heat dies down?
Former customers of the now-defunct encrypted communications service EncroChat, which was infiltrated by police last year, continue to get busted, including members of a crime syndicate that operated "an industrial-scale cocaine laboratory" in the Netherlands, Europol says.
"They’re playing games," is how one security expert describes Conti ransomware-wielding attackers' "gift" of a decryptor to Ireland's crypto-locked health service, while still demanding a ransom to not leak stolen health data. The same could be said of the DarkSide gang's promised retirement.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.