Jenny Radcliffe on People Hacking
Glenn Ware on Threat Management
Sanjay Subramanian: Information Siloes Exacerbate Threats
On August 21, 2024, the United States Cybersecurity and Infrastructure Security agency, alongside government agencies in key global allies, including Australia, the UK, Canada, and Japan, released guidance on event logging...more
Everyone thinks they can spot a phishing email. If true, we would not see so many security incidents, data breaches, and ransomware attacks. The statistics are overwhelming that phishing emails are a significant cause of data...more
In response to “multiple” cyber threat vectors, the Biden administration has asked governors of all 50 states to generate cybersecurity plans within 90 days (approximately July 1, 2024) to protect local water and wastewater...more
The Biden-Harris Administration is redoubling its efforts to improve cybersecurity for the nation’s water systems. In March, the EPA and the White House issued a dire warning to state governors alerting them of the need to...more
If you read about the world of hackers and cyber threats, you will quickly become numb to the creativity and variety of techniques that may threaten your organization. Like all risks, however, the key is to consider...more
On May 16, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released three advisories applicable to Industrial Control Systems (ICS). The Alerts cover vulnerabilities of Snap One OvrC Cloud, Rockwell...more
Threat actors never cease to find innovative ways to extort their victims. If only threat actors would use their creativity for good causes....more
The recent arrest and criminal charges against Airman First Class Jack Teixeira for the alleged posting of classified and sensitive information on social media is yet another example of the significant risk that trusted...more
Researchers at WithSecure cybersecurity firm have seen two malware attacks against Veeam Backup and Replication servers believed to be initiated by cybercrime group FIN7, also known as Carbon Spider, which has also been...more
The FBI, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) recently released a joint cybersecurity advisory, warning organizations about indicators of compromise, and tactics, techniques, and...more
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and Exposures (CVEs) that have been used by the People’s Republic of China (PRC) state-sponsored...more
This week the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) issued a “SHIELDS UP” advisory. While it does not identify specific threats in the advisory, CISA states that the “Russian...more
Although executives of organizations report that ransomware is their number one security concern, and 87 percent of them expect an increase in cyber-attacks against their organizations over the next year, only one-third of...more
It is hard to find a news post without a story on a ransomware attack. The National Security Council has issued an open letter warning all businesses to be alert and prepared for ransomware attacks. Various industry groups...more
The U.S. Department of Homeland Security (DHS) issued a security directive (Directive) that, for the first time, imposes mandatory cybersecurity requirements on companies in the pipeline industry. ...more
Recently, the largest gasoline pipeline in the United States fell victim to a ransomware attack that caused the pipeline to go offline for several days. In addition to causing gas shortages across the Southeastern United...more
Disruptionware attacks have become increasingly more common over the last few months. Just last month, I wrote about a dangerous disruptionware attack against a Florida Water Treatment Center that could have been a mass...more
A cyberattack on a single gas compression facility resulted in the shutdown of a natural gas pipeline for two days, according to a recent alert from the US Department of Homeland Security’s Cybersecurity and Infrastructure...more
Most compliance officers will admit that they have more than enough responsibilities in their purview. They are usually not looking for more. I have some bad or good news on this front depending on your perspective....more