DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
WhatsApp users should update the application for vulnerability CVE-2025-30401, which Meta recently patched when WhatsApp was released for Windows version 2.2450.6....more
On March 28, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR) on RESURGE malware, which is associated with the product Ivanti Connect Secure....more
According to Cyberscoop, the cyber gang Cl0p “has claimed responsibility for attacks tied to vulnerabilities in software made by Cleo, an Illinois-based IT company that sells various types of enterprise software.” The gang...more
Share on Twitter Print Share by Email Share Back to top On September 26, 2024, the Department of Commerce’s Bureau of Industry and Security (BIS) published a Notice of Proposed Rulemaking that, if finalized, would prohibit...more
In the aftermath of what could be one of the most widespread global information technology outages in history, organizations are putting a renewed focus on combating old vulnerabilities that can have cascading effects. ...more
The consequences of a cyberattack can be catastrophic, as we saw in the previous blog of this series. Cybersecurity is a business-wide responsibility that demands a proactive strategy extending far beyond technical solutions...more
In one of the most clear-eyed and sobering assessments of the cyberthreat China poses to our nation’s critical infrastructure, the country’s foremost cybersecurity leaders recently testified that the Chinese Communist Party...more
On December 15, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) issued a Secure by Design Alert and guidance on “How Manufacturers Can Protect Customers by Eliminating Default Passwords.”...more
Malicious Android Apps Used to Target Iranian Banks - An ongoing Android malware campaign targeting users of Iranian financial institutions has expanded to include new abilities to target an even greater number of people...more
On October 30, 2023, the US Securities and Exchange Commission ("SEC") announced that it filed charges against SolarWinds Corp. ("SolarWinds" or the "Company") and its Chief Information Security Officer ("CISO") in connection...more
This article concludes K2 Integrity’s mini-series promoting the importance of Cybersecurity Awareness Month. Throughout October, we have been providing tips and solutions to organizations to commemorate the 20-year...more
This article is the third in a series of articles about Cybersecurity Awareness Month. Throughout October, K2 Integrity has been providing tips and solutions to organizations to commemorate the 20-year anniversary of the...more
On September 26, 2023, Windows released a configuration update on Windows 11 version 22H2 (all editions) that is worth reading and applying, particularly if you use Windows Copilot....more
CISA released a blog post last week reminding software designers that artificial intelligence (AI) tools are software and that they “must consider the security of the customers as a core business requirement, not just a...more
Like it or not, the remote workforce is here to stay. Statistics show that employees say they are more productive working from home, and even before the global pandemic, there had been a 44% growth in the remote workforce...more
Privacy Briefs: June 2023 - Long-term care pharmacy network PharMerica disclosed a breach involving more than 5.8 million patients, making it the largest breach reported to the HHS Office for Civil Rights (OCR) in the last...more
In the recent case Construction Industry Laborers Pension Fund on behalf of SolarWinds Corporation, et. al v. Mike Bingle, et al. (2022), the Delaware Chancery Court considered whether the directors of SolarWinds Corporation,...more
Researchers at Meta, the owner of Facebook released a report this week that indicated that, since March 2023, Meta “has blocked and shared with our industry peers more than 1,000 malicious links from being shared across our...more
Ransomware insurance coverage has become increasingly popular in recent years as the threat of ransomware attacks has continued to grow. However, despite the widespread adoption of this type of insurance, there are still...more
On September 15, 2022, the European Commission published its Proposal for a Cyber Resilience Act (CRA) which sets out new requirements for hardware and software products in the EU. The CRA applies to hardware and...more
New NullMixer Malware Campaign Spreading Through Cracked Software Websites - An emerging campaign was recently discovered by Kaspersky researchers spreading the "NullMixer" malware. NullMixer exfiltrates victims'...more
Takeaway: The latest directive from CISA will enhance federal agencies’ ability to identify vulnerabilities in their networks to prevent and respond to cybersecurity incidents....more
The FBI issued a Private Industry Notification targeted to the health care sector on September 12, 2022, warning that it has “identified an increasing number of vulnerabilities posed by unpatched medical devices that run on...more
On August 16, 2022, CISA (the Cybersecurity and Infrastructure Security Agency) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) issued an Alert outlining multiple Common Vulnerabilities and Exposures...more
When was the last time your company’s software was updated? If it was more than six months ago, your cybernetwork is at serious risk of exposure by hackers and you may be at risk of not complying with the new, 72-hour...more