Government

CISA Calls Urgent Attention to UEFI Attack Surfaces

Government, IoT Security, Supply Chain Security /

CISA Calls Urgent Attention to UEFI Attack Surfaces 04/08/2023 at 03:03 By Ryan Naraine The US government’s cybersecurity agency describes UEFI as “critical attack surface” that requires urgent security attention. The post CISA Calls Urgent Attention to UEFI Attack Surfaces appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original […]

React to this headline:

Loading spinner

CISA Calls Urgent Attention to UEFI Attack Surfaces Read More »

Russian APT phished government employees via Microsoft Teams

APT, Don't miss, Government, government-backed attacks, Hot stuff, Microsoft, Microsoft Teams, News, phishing, social engineering /

Russian APT phished government employees via Microsoft Teams 03/08/2023 at 15:17 By Zeljka Zorz An APT group linked to Russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with phishing attacks via Microsoft Teams, says Microsoft. A social engineering attack to bypass MFA protection “To facilitate their attack, the actor uses Microsoft

React to this headline:

Loading spinner

Russian APT phished government employees via Microsoft Teams Read More »

How local governments can combat cybercrime

CISO, cybercrime, Don't miss, Government, Hot stuff, how-to, strategy, tips, Video /

How local governments can combat cybercrime 03/08/2023 at 07:01 By Help Net Security Amid a recent uptick in cybercrime on local governments, cities have been left to recover for months after the initial attack. For example, leaders in Dallas, Texas are ready to spend months recovering from an attack that hindered the city’s 911 emergency

React to this headline:

Loading spinner

How local governments can combat cybercrime Read More »

US government outlines National Cyber Workforce and Education Strategy

Cloud Range, cyber resilience, cybersecurity talent, Cyversity, Don't miss, education, Government, Hot stuff, ISSA, News, skill development, strategy, training, USA /

US government outlines National Cyber Workforce and Education Strategy 01/08/2023 at 14:03 By Zeljka Zorz After the release of a National Cybersecurity Strategy and its implementation plan, the Biden-Harris Administration has unveiled the National Cyber Workforce and Education Strategy (NCWES), “aimed at addressing both immediate and long-term cyber workforce needs.” The National Cyber Workforce and

React to this headline:

Loading spinner

US government outlines National Cyber Workforce and Education Strategy Read More »

US Gov Rolls Out National Cyber Workforce, Education Strategy

cyber workforce, Government, Management & Strategy, skills shortage, Training & Awareness /

US Gov Rolls Out National Cyber Workforce, Education Strategy 01/08/2023 at 02:37 By Ryan Naraine The Biden administration on Monday announced a series of “generational investments” to address immediate and long-term cyber workforce needs.  The post US Gov Rolls Out National Cyber Workforce, Education Strategy appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

US Gov Rolls Out National Cyber Workforce, Education Strategy Read More »

US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications

Government, guidance, Vulnerabilities, web security /

US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications 28/07/2023 at 19:17 By Ionut Arghire US and Australian government agencies provide guidance on addressing access control vulnerabilities in web applications. The post US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications Read More »

Industry Reactions to New SEC Cyber Incident Disclosure Rules: Feedback Friday

Feedback Friday, Government, SEC /

Industry Reactions to New SEC Cyber Incident Disclosure Rules: Feedback Friday 28/07/2023 at 17:47 By Eduard Kovacs Several industry professionals comment on the SEC’s new cybersecurity incident disclosure rules and their implications. The post Industry Reactions to New SEC Cyber Incident Disclosure Rules: Feedback Friday appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Industry Reactions to New SEC Cyber Incident Disclosure Rules: Feedback Friday Read More »

National Cyber Strategy Implementation Plan: What you need to know

Airbus CyberSecurity, Don't miss, Government, Hot stuff, USA, Video /

National Cyber Strategy Implementation Plan: What you need to know 28/07/2023 at 06:31 By Help Net Security The Biden-Harris Administration’s recently released National Cybersecurity Strategy calls for two fundamental shifts in how the United States allocates roles, responsibilities, and resources in cyberspace. In this Help Net Security video, Kelly Rozumalski, a Senior VP leading Booz

React to this headline:

Loading spinner

National Cyber Strategy Implementation Plan: What you need to know Read More »

US Senator Wyden Accuses Microsoft of ‘Cybersecurity Negligence’

cloud security, Cyberwarfare, Government /

US Senator Wyden Accuses Microsoft of ‘Cybersecurity Negligence’ 27/07/2023 at 23:17 By Ryan Naraine Redmond is accused of “negligent cybersecurity practices” that enabled a successful Chinese hack of the United States government. The post US Senator Wyden Accuses Microsoft of ‘Cybersecurity Negligence’ appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

US Senator Wyden Accuses Microsoft of ‘Cybersecurity Negligence’ Read More »

Head of US Cybersecurity Agency Sees Progress on Election Security, With More Work Needed for 2024

CISA, Election, Government /

Head of US Cybersecurity Agency Sees Progress on Election Security, With More Work Needed for 2024 27/07/2023 at 19:16 By Associated Press CISA Director Jen Easterly says more is needed to defend the integrity and resiliency of the election process ahead of the 2024 election. The post Head of US Cybersecurity Agency Sees Progress on

React to this headline:

Loading spinner

Head of US Cybersecurity Agency Sees Progress on Election Security, With More Work Needed for 2024 Read More »

TSA Updates Pipeline Cybersecurity Requirements

Government, Government Policy, pipeline, TSA /

TSA Updates Pipeline Cybersecurity Requirements 27/07/2023 at 19:16 By Eduard Kovacs The TSA has released updated cybersecurity requirements for pipeline owners and operators, instructing them to test assessment and incident response plans. The post TSA Updates Pipeline Cybersecurity Requirements appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

TSA Updates Pipeline Cybersecurity Requirements Read More »

Companies Required by SEC to Disclose Cybersecurity Incidents in 4 Days

data breach, Government, Government Policy, SEC /

Companies Required by SEC to Disclose Cybersecurity Incidents in 4 Days 27/07/2023 at 12:47 By Eduard Kovacs The SEC has adopted new rules requiring public companies to disclose cybersecurity breaches that have a material impact within four days. The post Companies Required by SEC to Disclose Cybersecurity Incidents in 4 Days appeared first on SecurityWeek.

React to this headline:

Loading spinner

Companies Required by SEC to Disclose Cybersecurity Incidents in 4 Days Read More »

Cryptojacking soars as cyberattacks increase, diversify

cryptojacking, cybercriminals, cybersecurity, education, exploit, Government, healthcare, intrusion, IoT, Malware, News, Ransomware, report, SMBs, SonicWall /

Cryptojacking soars as cyberattacks increase, diversify 27/07/2023 at 05:03 By Help Net Security Digital threat actors are adopting evolving tactical behaviors, opting for different types of malicious attacks compared to previous years, according to SonicWall. Overall intrusion attempts were up, led by the highest year on record for global cryptojacking volume recorded by SonicWall, as

React to this headline:

Loading spinner

Cryptojacking soars as cyberattacks increase, diversify Read More »

SEC adopts new cybersecurity incident disclosure rules for companies

Don't miss, Government, News, regulation, USA /

SEC adopts new cybersecurity incident disclosure rules for companies 26/07/2023 at 21:01 By Help Net Security The Securities and Exchange Commission (SEC) today adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance. The Commission also adopted

React to this headline:

Loading spinner

SEC adopts new cybersecurity incident disclosure rules for companies Read More »

Ex-NSA Official Harry Coker Tapped for National Cyber Director Job

Government, Harry Coker, Nation-State, National Cybersecurity Strategy, Tracking & Law Enforcement /

Ex-NSA Official Harry Coker Tapped for National Cyber Director Job 26/07/2023 at 20:19 By Ryan Naraine The Biden administration has nominated former Navy commander Harry Coker to replace the retired Chris Inglis. The post Ex-NSA Official Harry Coker Tapped for National Cyber Director Job appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Ex-NSA Official Harry Coker Tapped for National Cyber Director Job Read More »

Overcoming the cybersecurity talent shortage with upskilling initiatives

certification, critical infrastructure, cybersecurity, cybersecurity talent, Don't miss, education, Features, Government, Hot stuff, MACH37, machine learning, News, opinion, training /

Overcoming the cybersecurity talent shortage with upskilling initiatives 26/07/2023 at 07:31 By Mirko Zorz In this Help Net Security interview, Dr. Lindsey Polley de Lopez, Director of Cyber & Space Intelligence at MACH37, proposes strategies for companies, educational institutions, and governments on how to address the ongoing shortage of cybersecurity talent through the introduction of

React to this headline:

Loading spinner

Overcoming the cybersecurity talent shortage with upskilling initiatives Read More »

Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078)

0-day, data theft, Don't miss, endpoint management, enterprise, Government, Hot stuff, Ivanti, MobileIron, News, Norway, security update /

Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078) 25/07/2023 at 13:37 By Zeljka Zorz A zero-day vulnerability (CVE-2023-35078) affecting Ivanti Endpoint Manager Mobile (EPMM) has been exploited to carry out an attack that affected 12 Norwegian ministries, the Norwegian National Security Authority (NSM) has confirmed on Tuesday. What is known about the attacks? On Monday,

React to this headline:

Loading spinner

Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078) Read More »

Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks

apple, Government, iOS, Mobile & Wireless, Vulnerabilities, Zero-Day /

Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks 25/07/2023 at 03:03 By Ryan Naraine Apple patches another zero-day flaw used in the ‘Operation Triangulation’ exploit chain. iOS and macOS-powered devices are affected. The post Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks Read More »

US companies commit to safe, transparent AI development

Abnormal Security, Artificial Intelligence, Cado Security, Don't miss, generative AI, Government, Hot stuff, News, research, Risk Management, USA /

US companies commit to safe, transparent AI development 24/07/2023 at 16:30 By Helga Labus Seven US artificial intelligence (AI) giants – Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI – have publicly committed to “help move toward safe, secure, and transparent development of AI technology.” The commitments “Companies that are developing these emerging technologies have

React to this headline:

Loading spinner

US companies commit to safe, transparent AI development Read More »

Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails

Azure, cloud security, email authentication, email security, Featured, Government, Microsoft, MSA key /

Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails 21/07/2023 at 20:19 By Ryan Naraine Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online. The post Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails Read More »

Scroll to Top