DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Gone are the days where technological solutions were “nice to have” options to provide us with better access to resources and improved process efficiencies. Nowadays, technological solutions – and specifically those that...more
Mozilla recently released security updates to address known vulnerabilities in their Thunderbird and Firefox products. The Cybersecurity & Infrastructure Security Agency (CISA) is recommending that the patches be applied...more
On Monday, July 24, 2023, Apple issued a security update to address vulnerabilities that have been linked to a spyware campaign. iOS 16.6 fixes 25 iPhone security flaws, several of which are being exploited by threat actors...more
According to cybersecurity researchers at Bishop Fox, “hundreds of thousands” of FortiGate firewalls have not been patched against a known vulnerability and are at risk of being attacked by threat actors using the unpatched...more
CYBERSECURITY - World Economic Forum’s Global Cybersecurity Outlook for 2023 Is Bleak - Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global...more
Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global Cybersecurity Outlook 23 Insight Report (published in collaboration with Accenture), although...more
Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft stated that it is aware that two vulnerabilities are being actively exploited to access users’...more
Ransomware/Malware Activity - Twitter Confirms Data Breach Affecting 5.4 Million Account Profiles - On August 5, 2022, Twitter confirmed it has suffered a data breach after receiving a report of a vulnerability through...more
CYBERSECURITY - Update on Apache log4j and Kronos Security Incidents - It was a crazy weekend for cyber-attacks. People seem surprised, but those of us in the industry aren’t surprised one bit. It is very logical and...more
On December 9th, 2021, a critical zero-day vulnerability, which has the potential of providing threat actors access to millions of computers worldwide, was discovered. Due to the critical nature of this vulnerability, and the...more
It was a crazy weekend for cyberattacks. People seem surprised, but those of us in the industry aren’t surprised one bit. It is very logical and foreseeable that hackers are leveraging attacks that have maximum disruption on...more
A widely reported flaw in popular software known as Log4j poses a severe cybersecurity threat to organizations around the globe, with hundreds of millions of devices at risk. Over the past week, government agencies,...more
CYBERSECURITY - FBI Warning: M&A Activity Targeted by Ransomware Groups - The FBI issued a Private Industry Notification on November 2, 2021, warning companies that “ransomware actors are very likely using significant...more
Secureworks issues an annual Incident Response Report that is very helpful in obtaining information on what types of incidents are occurring in order to become more resistant to threats. The 2020 IR Report was recently...more
Ransomware Attacks Predicted to Occur Every 11 Seconds in 2021 with a Cost of $20 Billion - Confirming what we are seeing in the field, cybersecurity firm Cybersecurity Ventures has predicted that, globally, businesses in...more
The Ponemon Institute recently issued its 2020 Cost of insider Threats Global Report, which finds that the frequency and cost of insider threats is continued to increase. Sponsored by ObserveIT and IBM, the 2020 report is the...more
Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing...more
FBI Warns of Retaliatory Cyber-Attack from Iran - The Federal Bureau of Investigation (FBI) is warning of a heightened likelihood of Iranian cyber-attacks following the escalation of tension between the U.S. and Iran. This...more
The Federal Bureau of Investigation (FBI) is warning of a heightened likelihood of Iranian cyber-attacks following the escalation of tension between the U.S. and Iran. This follows the warning last week by the Department of...more
Department of Homeland Security Warns of Cyber-Attacks by Iran - The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020, alerting the...more
After the killing of Qassem Soleimani on January 3, 2020, by the U.S. government, the cybersecurity news industry has been abuzz about whether Iran will engage in cyber terrorism, and if so, to what degree, as part of its...more
Following the escalation of tensions between the United States and Iran in the past week, the Health Information Sharing and Analysis Center (H-ISAC) is warning hospitals and health systems that Iran could attack health...more
The Department of Homeland Security (DHS) is warning critical infrastructure operators to be on high alert for Iranian backed cyber-attacks because of the vulnerability of state and municipal computer systems, they are at...more
The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020 alerting the public that Iran poses a cyber terrorism threat to the United States...more
In its recent Cybersecurity Strategy, the U.S. Department of Homeland Security (DHS) defined “cyberspace” as “the independent network of information technology infrastructure, including the Internet, telecommunications...more