The Cybersecurity and Infrastructure Security Agency (CISA) unveiled new cyber performance goals aimed at addressing risks to software development and product design in the IT sector.
Last week, the Cybersecurity and...more
A new study finds that a majority of employees may sidestep their company’s security policies to be more productive, including policies related to workplace AI. It may come as little surprise that employees try to find ways...more
Backup authentication methods create a vulnerability in passkey protection to adversary-in-the-middle attacks. Security protections from passkey authentication can still potentially be subverted by attackers....more
Joint guidance from the “Five Eyes” cybersecurity agencies provides best practices on securely deploying and operating AI systems. New guidance by the U.S. National Security Agency’s Artificial Intelligence Security Center,...more
CL0P is adopting “quadruple extortion” tactics. If your organization has received a ransomware demand, CL0P may be a familiar name. In 2023, CL0P was the third most prolific ransomware gang, after Lockbit and ALPHV....more
The California Privacy Protection Agency recently released updated draft regulations regarding cybersecurity audits under the California Consumer Privacy Act.
On November 8, 2023, the California Privacy Protection Agency...more
Russia-linked threat actor Fancy Bear is conducting a wave of phishing campaigns impersonating entities across Europe, Americas, and Asia, focusing on Ukraine-related targets....more
Informants can net $15 million for information about leaders behind the ALPHV/Blackcat Ransomware.
The U.S. Department of State is offering rewards of up to $10 million for information leading to key leaders in the...more
Coyote, a new Brazilian malware, is currently hunting down credentials for sixty-one (61) different banking applications. Researchers expect the malware to spread internationally. Russian cybersecurity firm Kaspersky has...more
New vulnerability found in the boot process for Linux systems configured to boot over the network.
A high severity vulnerability could allow attackers to take over a Linux system. The vulnerability is in the shim software...more
Vulnerability in the open-source automation server Jenkins is exploitable using a publicly released proof of concept.
On January 24, 2024, Jenkins announced the presence of vulnerability CVE-2024-23897. The vulnerability...more
Industrial automation platform Rapid SCADA contains seven key vulnerabilities.
CISA recently published an advisory about seven vulnerabilities in Rapid SCADA—an open-source industrial automation platform that provides tools...more
CISA has added a new Ivanti vulnerability to its known exploited vulnerability catalogue. This vulnerability can be paired with other recently-reported vulnerabilities to permit threat actors to write malicious web shell...more
The Biden Administration released its National Cybersecurity Strategy (Strategy) in an effort to reshape U.S. policy and priorities around cybersecurity for the public and private sectors, marking a significant shift in tone...more
On March 11, the Word Health Organization officially characterized the coronavirus (COVID-19) outbreak as a pandemic. During the outbreak, many employers around the world are seeking to prioritize the well-being and safety of...more
3/16/2020
/ Business Continuity Plans ,
Business Interruption ,
China ,
Coronavirus/COVID-19 ,
Crisis Management ,
Cybersecurity ,
Data Protection ,
Emergency Management Plans ,
Infectious Diseases ,
Information Security ,
Malware ,
Policies and Procedures ,
Popular ,
Public Health ,
Risk Management
The EU’s General Data Protection Regulation (GDPR), which went into effect in May 2018, requires companies to implement appropriate security measures when handling personal data....more
9/12/2018
/ Bring Your Own Device (BYOD) ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Protection ,
Electronic Data Transmissions ,
EU ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Information Technology ,
Mobile Device Management ,
PaaS ,
Personal Data ,
Popular ,
Risk Management ,
SaaS ,
Security Risk Assessments ,
UK