Government

How EU lawmakers can make mandatory vulnerability disclosure responsible

cybersecurity, Don't miss, ENISA, EU, European Commission, Expert analysis, Expert corner, Government, HackerOne, Hot stuff, legislation, opinion, vulnerability disclosure /

How EU lawmakers can make mandatory vulnerability disclosure responsible 21/08/2023 at 07:33 By Help Net Security There is a standard playbook and best practice for when an organization discovers or is notified about a software vulnerability: The organization works quickly to fix the problem and, once a fix is available, discloses that vulnerability for the […]

How EU lawmakers can make mandatory vulnerability disclosure responsible Read More »

Federally Insured Credit Unions Required to Report Cyber Incidents Within 3 Days

Compliance, credit union, data breach, Government /

Federally Insured Credit Unions Required to Report Cyber Incidents Within 3 Days 18/08/2023 at 14:16 By Ionut Arghire The National Credit Union Administration is requiring all federally insured credit unions to report cyber incidents within 72 hours of discovery. The post Federally Insured Credit Unions Required to Report Cyber Incidents Within 3 Days appeared first

Federally Insured Credit Unions Required to Report Cyber Incidents Within 3 Days Read More »

Zimbra users in Europe, Latin America face phishing threat

credentials, Don't miss, ESET, Europe, Government, Hot stuff, News, phishing, SMBs, social engineering /

Zimbra users in Europe, Latin America face phishing threat 18/08/2023 at 11:04 By Help Net Security ESET researchers have uncovered a mass-spreading phishing campaign aimed at collecting Zimbra account users’ credentials. Zimbra Collaboration is an open-core collaborative software platform, a popular alternative to enterprise email solutions. About the Zimbra phishing campaign The campaign has been

Zimbra users in Europe, Latin America face phishing threat Read More »

A closer look at the new TSA oil and gas pipeline regulations

Compliance, cybersecurity, Don't miss, Government, GuidePoint Security, Hot stuff, regulation, USA, Video, vulnerability assessment /

A closer look at the new TSA oil and gas pipeline regulations 18/08/2023 at 06:02 By Help Net Security The TSA has announced updates to its Security Directive (SD) to strengthen the operational resilience of oil and natural gas pipeline owners and operators against cyber-attacks. In this Help Net Security video, Chris Warner, OT Senior

A closer look at the new TSA oil and gas pipeline regulations Read More »

Federal agencies gear up for zero trust executive order deadline

automation, cybersecurity, Government, News, report, SOAR, Swimlane, USA, zero trust /

Federal agencies gear up for zero trust executive order deadline 18/08/2023 at 05:04 By Help Net Security Federal agencies are prepared to meet the zero trust executive order requirements from the Biden Administration with just over a year until the deadline, according to Swimlane. The research investigated the confidence level of these agencies in meeting

Federal agencies gear up for zero trust executive order deadline Read More »

CISA Releases Cyber Defense Plan to Reduce RMM Software Risks

CISA, Government, Identity & Access, Management & Strategy /

CISA Releases Cyber Defense Plan to Reduce RMM Software Risks 17/08/2023 at 14:32 By Ionut Arghire CISA has published a cyber defense plan outlining strategies to help critical infrastructure organizations reduce the risks associated with RMM software. The post CISA Releases Cyber Defense Plan to Reduce RMM Software Risks appeared first on SecurityWeek. This article

CISA Releases Cyber Defense Plan to Reduce RMM Software Risks Read More »

SEC cybersecurity rules shape the future of incident management

Compliance, cybersecurity, Don't miss, Government, Hot stuff, regulation, Schellman, strategy, USA, Video /

SEC cybersecurity rules shape the future of incident management 16/08/2023 at 07:05 By Help Net Security The SEC adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance. The Commission also adopted rules requiring foreign private issuers

SEC cybersecurity rules shape the future of incident management Read More »

US Cyber Safety Board to Review Cloud Attacks

cloud security, Government /

US Cyber Safety Board to Review Cloud Attacks 14/08/2023 at 18:16 By Ionut Arghire The US government’s CSRB will conduct a review of cloud security to provide recommendations on improving identity management and authentication. The post US Cyber Safety Board to Review Cloud Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

US Cyber Safety Board to Review Cloud Attacks Read More »

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities

Government, In Other News, Malware & Threats, Vulnerabilities /

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities 11/08/2023 at 17:18 By SecurityWeek News Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of August 7, 2023. The post In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities appeared first

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities Read More »

India Passes Data Protection Legislation in Parliament. Critics Fear Privacy Violation

Data Protection, Government, India, Laws, Privacy /

India Passes Data Protection Legislation in Parliament. Critics Fear Privacy Violation 11/08/2023 at 13:49 By Associated Press Indian lawmakers approved a data protection legislation that “seeks to better regulate big tech firms and penalize companies for data breaches” as several groups expressed concern over citizens’ privacy rights. The post India Passes Data Protection Legislation in

India Passes Data Protection Legislation in Parliament. Critics Fear Privacy Violation Read More »

Cybersecurity as a global, multi-sector activity with Mihoko Matsubara

awareness, Cybellum, cybersecurity, education, Government, News, NTT, podcast, policy, professional, strategy /

Cybersecurity as a global, multi-sector activity with Mihoko Matsubara 11/08/2023 at 05:47 By Help Net Security Like many leaders in the cybersecurity space, the professional journey of Mihoko Matsubara did not necessarily begin with securing devices or technology. However, once she discovered it, she was hooked. Discussing her career path with the Left to Our

Cybersecurity as a global, multi-sector activity with Mihoko Matsubara Read More »

White House launches AI Cyber Challenge to make software more secure

Anthropic, Artificial Intelligence, Black Hat USA 2023, critical infrastructure, cybersecurity, darpa, DEF CON, Google, Government, Microsoft, News, OpenAI, OpenSSF, software, USA, vulnerability /

White House launches AI Cyber Challenge to make software more secure 10/08/2023 at 12:33 By Help Net Security The Biden-Harris Administration has launched a major two-year competition using AI to protect the United States’ most important software, such as code that helps run the internet and critical infrastructure. The AI Cyber Challenge (AIxCC) will challenge

White House launches AI Cyber Challenge to make software more secure Read More »

What to know about FedRAMP Rev. 5 Baselines

CISO, Compliance, cyber risk, cybersecurity, Don't miss, Government, Hot stuff, risk assessment, Risk Management, strategy, tips, USA, Video /

What to know about FedRAMP Rev. 5 Baselines 10/08/2023 at 06:31 By Help Net Security In this Help Net Security video, Kaus Phaltankar, CEO at Caveonix, discusses how the recent approval of the FedRAMP Rev. 5 Baselines is a significant step forward in the cloud security and compliance domain. The implications for CSPs and third-party

What to know about FedRAMP Rev. 5 Baselines Read More »

White House Offers Prize Money for Hacker-Thwarting AI

Artificial Intelligence, Government /

White House Offers Prize Money for Hacker-Thwarting AI 09/08/2023 at 21:03 By AFP The White House launched an Artificial Intelligence Cyber Challenge competition for creating new AI systems that can defend critical software from hackers. The post White House Offers Prize Money for Hacker-Thwarting AI appeared first on SecurityWeek. This article is an excerpt from

White House Offers Prize Money for Hacker-Thwarting AI Read More »

White House Holds First-Ever Summit on the Ransomware Crisis Plaguing the Nation’s Public Schools

Government, Ransomware /

White House Holds First-Ever Summit on the Ransomware Crisis Plaguing the Nation’s Public Schools 08/08/2023 at 21:19 By Associated Press CISA will step up training for the K-12 sector and technology providers, including Amazon Web Services and Cloudflare, will offer grants and free software. The post White House Holds First-Ever Summit on the Ransomware Crisis

White House Holds First-Ever Summit on the Ransomware Crisis Plaguing the Nation’s Public Schools Read More »

For TSA’s updated Pipeline Security Directive, consistency and collaboration are key

critical infrastructure, cybersecurity, Don't miss, Dragos, Expert analysis, Expert corner, Government, Hot stuff, opinion, regulation, transportation, USA /

For TSA’s updated Pipeline Security Directive, consistency and collaboration are key 08/08/2023 at 08:03 By Help Net Security Late last month, the Transportation Security Administration renewed and updated its security directive aimed at enhancing the cybersecurity of oil and natural gas pipelines. The reissued guidance, known as Security Directive (SD) Pipeline-2021-02D Pipeline Cybersecurity Mitigation, Actions,

For TSA’s updated Pipeline Security Directive, consistency and collaboration are key Read More »

CISA Unveils Cybersecurity Strategic Plan for Next 3 Years

CISA, Government, Management & Strategy /

CISA Unveils Cybersecurity Strategic Plan for Next 3 Years 07/08/2023 at 16:20 By Eduard Kovacs CISA has unveiled its Cybersecurity Strategic Plan for the next 3 years, focusing on addressing immediate threats, hardening the terrain, and driving security. The post CISA Unveils Cybersecurity Strategic Plan for Next 3 Years appeared first on SecurityWeek. This article

CISA Unveils Cybersecurity Strategic Plan for Next 3 Years Read More »

Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities

Featured, Government, Vulnerabilities, vulnerability /

Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities 04/08/2023 at 12:31 By Ionut Arghire Five Eyes government agencies have published a list of the software vulnerabilities that were most frequently exploited in malicious attacks in 2022. The post Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities appeared first on SecurityWeek. This

Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities Read More »

CISA Calls Urgent Attention to UEFI Attack Surfaces

Government, IoT Security, Supply Chain Security /

CISA Calls Urgent Attention to UEFI Attack Surfaces 04/08/2023 at 03:03 By Ryan Naraine The US government’s cybersecurity agency describes UEFI as “critical attack surface” that requires urgent security attention. The post CISA Calls Urgent Attention to UEFI Attack Surfaces appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

CISA Calls Urgent Attention to UEFI Attack Surfaces Read More »

Russian APT phished government employees via Microsoft Teams

APT, Don't miss, Government, government-backed attacks, Hot stuff, Microsoft, Microsoft Teams, News, phishing, social engineering /

Russian APT phished government employees via Microsoft Teams 03/08/2023 at 15:17 By Zeljka Zorz An APT group linked to Russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with phishing attacks via Microsoft Teams, says Microsoft. A social engineering attack to bypass MFA protection “To facilitate their attack, the actor uses Microsoft

Russian APT phished government employees via Microsoft Teams Read More »

Scroll to Top