USA

Qakbot botnet disrupted, malware removed from 700,000+ victim computers

Qakbot botnet disrupted, malware removed from 700,000+ victim computers 29/08/2023 at 21:19 By Zeljka Zorz The Qakbot botnet has been crippled by the US Department of Justice (DOJ): 52 of its servers have been seized and the popular malware loader has been removed from over 700,000 victim computers around the world. “To disrupt the botnet,

React to this headline:

Loading spinner

Qakbot botnet disrupted, malware removed from 700,000+ victim computers Read More »

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure 25/08/2023 at 15:36 By Helga Labus North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe and the US. The group leveraged the vulnerability to deploy QuiteRAT, downloaded from an IP address

React to this headline:

Loading spinner

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure Read More »

Large-scale breaches overshadow decline in number of healthcare data incidents

Large-scale breaches overshadow decline in number of healthcare data incidents 23/08/2023 at 06:04 By Help Net Security While H1 2023 saw an encouraging decrease in the overall number of data breaches impacting healthcare organizations, it was overshadowed by large-scale breaches resulting in a significant increase in the number of individuals affected, which reached record levels,

React to this headline:

Loading spinner

Large-scale breaches overshadow decline in number of healthcare data incidents Read More »

A closer look at the new TSA oil and gas pipeline regulations

A closer look at the new TSA oil and gas pipeline regulations 18/08/2023 at 06:02 By Help Net Security The TSA has announced updates to its Security Directive (SD) to strengthen the operational resilience of oil and natural gas pipeline owners and operators against cyber-attacks. In this Help Net Security video, Chris Warner, OT Senior

React to this headline:

Loading spinner

A closer look at the new TSA oil and gas pipeline regulations Read More »

Federal agencies gear up for zero trust executive order deadline

Federal agencies gear up for zero trust executive order deadline 18/08/2023 at 05:04 By Help Net Security Federal agencies are prepared to meet the zero trust executive order requirements from the Biden Administration with just over a year until the deadline, according to Swimlane. The research investigated the confidence level of these agencies in meeting

React to this headline:

Loading spinner

Federal agencies gear up for zero trust executive order deadline Read More »

Why the “voluntary AI commitments” extracted by the White House are nowhere near enough

Why the “voluntary AI commitments” extracted by the White House are nowhere near enough 16/08/2023 at 08:03 By Help Net Security Representatives from Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI recently convened at the White House for a meeting with President Biden with the stated mission of “ensuring the responsible development and distribution of

React to this headline:

Loading spinner

Why the “voluntary AI commitments” extracted by the White House are nowhere near enough Read More »

SEC cybersecurity rules shape the future of incident management

SEC cybersecurity rules shape the future of incident management 16/08/2023 at 07:05 By Help Net Security The SEC adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance. The Commission also adopted rules requiring foreign private issuers

React to this headline:

Loading spinner

SEC cybersecurity rules shape the future of incident management Read More »

White House launches AI Cyber Challenge to make software more secure

White House launches AI Cyber Challenge to make software more secure 10/08/2023 at 12:33 By Help Net Security The Biden-Harris Administration has launched a major two-year competition using AI to protect the United States’ most important software, such as code that helps run the internet and critical infrastructure. The AI Cyber Challenge (AIxCC) will challenge

React to this headline:

Loading spinner

White House launches AI Cyber Challenge to make software more secure Read More »

What to know about FedRAMP Rev. 5 Baselines

What to know about FedRAMP Rev. 5 Baselines 10/08/2023 at 06:31 By Help Net Security In this Help Net Security video, Kaus Phaltankar, CEO at Caveonix, discusses how the recent approval of the FedRAMP Rev. 5 Baselines is a significant step forward in the cloud security and compliance domain. The implications for CSPs and third-party

React to this headline:

Loading spinner

What to know about FedRAMP Rev. 5 Baselines Read More »

For TSA’s updated Pipeline Security Directive, consistency and collaboration are key

For TSA’s updated Pipeline Security Directive, consistency and collaboration are key 08/08/2023 at 08:03 By Help Net Security Late last month, the Transportation Security Administration renewed and updated its security directive aimed at enhancing the cybersecurity of oil and natural gas pipelines. The reissued guidance, known as Security Directive (SD) Pipeline-2021-02D Pipeline Cybersecurity Mitigation, Actions,

React to this headline:

Loading spinner

For TSA’s updated Pipeline Security Directive, consistency and collaboration are key Read More »

US government outlines National Cyber Workforce and Education Strategy

US government outlines National Cyber Workforce and Education Strategy 01/08/2023 at 14:03 By Zeljka Zorz After the release of a National Cybersecurity Strategy and its implementation plan, the Biden-Harris Administration has unveiled the National Cyber Workforce and Education Strategy (NCWES), “aimed at addressing both immediate and long-term cyber workforce needs.” The National Cyber Workforce and

React to this headline:

Loading spinner

US government outlines National Cyber Workforce and Education Strategy Read More »

National Cyber Strategy Implementation Plan: What you need to know

National Cyber Strategy Implementation Plan: What you need to know 28/07/2023 at 06:31 By Help Net Security The Biden-Harris Administration’s recently released National Cybersecurity Strategy calls for two fundamental shifts in how the United States allocates roles, responsibilities, and resources in cyberspace. In this Help Net Security video, Kelly Rozumalski, a Senior VP leading Booz

React to this headline:

Loading spinner

National Cyber Strategy Implementation Plan: What you need to know Read More »

SEC adopts new cybersecurity incident disclosure rules for companies

SEC adopts new cybersecurity incident disclosure rules for companies 26/07/2023 at 21:01 By Help Net Security The Securities and Exchange Commission (SEC) today adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance. The Commission also adopted

React to this headline:

Loading spinner

SEC adopts new cybersecurity incident disclosure rules for companies Read More »

US companies commit to safe, transparent AI development

US companies commit to safe, transparent AI development 24/07/2023 at 16:30 By Helga Labus Seven US artificial intelligence (AI) giants – Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI – have publicly committed to “help move toward safe, secure, and transparent development of AI technology.” The commitments “Companies that are developing these emerging technologies have

React to this headline:

Loading spinner

US companies commit to safe, transparent AI development Read More »

U.S. Cyber Trust Mark labeling program raises the bar for smart devices’ cybersecurity

U.S. Cyber Trust Mark labeling program raises the bar for smart devices’ cybersecurity 19/07/2023 at 13:33 By Help Net Security The Biden-Harris Administration has announced a cybersecurity certification and labeling program to help Americans more easily choose smart devices that are safer and less vulnerable to cyberattacks. The new “U.S. Cyber Trust Mark” program proposed

React to this headline:

Loading spinner

U.S. Cyber Trust Mark labeling program raises the bar for smart devices’ cybersecurity Read More »

Chinese hackers forged authentication tokens to breach government emails

Chinese hackers forged authentication tokens to breach government emails 12/07/2023 at 13:17 By Zeljka Zorz Sophisticated hackers have accessed email accounts of organizations and government agencies via authentication tokens they forged by using an acquired Microsoft account (MSA) consumer signing key, the company has revealed on Tuesday. “The threat actor Microsoft links to this incident

React to this headline:

Loading spinner

Chinese hackers forged authentication tokens to breach government emails Read More »

A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708)

A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708) 19/06/2023 at 15:09 By Zeljka Zorz Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability (CVE-2023-35708) discovered in the web application in less that a month. Previously, the Cl0p cyber extortion gang exploited CVE-2023-34362 to

React to this headline:

Loading spinner

A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708) Read More »

How to simplify the process of compliance with U.S. Executive Order 14028

How to simplify the process of compliance with U.S. Executive Order 14028 19/06/2023 at 07:03 By Help Net Security In this Help Net Security video, Nick Mistry, SVP and CISO at Lineaje, offers tips to simplify the process of compliance with U.S. Executive Order 14028. A key part of U.S. Executive Order 14028 is for

React to this headline:

Loading spinner

How to simplify the process of compliance with U.S. Executive Order 14028 Read More »

PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)

PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362) 13/06/2023 at 14:18 By Zeljka Zorz As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE vulnerability exploited by the Cl0p cyber extortion group to plunder confidential data. CVE-2023-34362 PoC exploit released Horizon3 security

React to this headline:

Loading spinner

PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362) Read More »

Scroll to Top