USA

Large-scale breaches overshadow decline in number of healthcare data incidents

Critical Insight, cybersecurity, data breach, hacker, healthcare, News, NIST, report, risk assessment, strategy, USA /

Large-scale breaches overshadow decline in number of healthcare data incidents 23/08/2023 at 06:04 By Help Net Security While H1 2023 saw an encouraging decrease in the overall number of data breaches impacting healthcare organizations, it was overshadowed by large-scale breaches resulting in a significant increase in the number of individuals affected, which reached record levels, […]

React to this headline:

Loading spinner

Large-scale breaches overshadow decline in number of healthcare data incidents Read More »

A closer look at the new TSA oil and gas pipeline regulations

Compliance, cybersecurity, Don't miss, Government, GuidePoint Security, Hot stuff, regulation, USA, Video, vulnerability assessment /

A closer look at the new TSA oil and gas pipeline regulations 18/08/2023 at 06:02 By Help Net Security The TSA has announced updates to its Security Directive (SD) to strengthen the operational resilience of oil and natural gas pipeline owners and operators against cyber-attacks. In this Help Net Security video, Chris Warner, OT Senior

React to this headline:

Loading spinner

A closer look at the new TSA oil and gas pipeline regulations Read More »

Federal agencies gear up for zero trust executive order deadline

automation, cybersecurity, Government, News, report, SOAR, Swimlane, USA, zero trust /

Federal agencies gear up for zero trust executive order deadline 18/08/2023 at 05:04 By Help Net Security Federal agencies are prepared to meet the zero trust executive order requirements from the Biden Administration with just over a year until the deadline, according to Swimlane. The research investigated the confidence level of these agencies in meeting

React to this headline:

Loading spinner

Federal agencies gear up for zero trust executive order deadline Read More »

Why the “voluntary AI commitments” extracted by the White House are nowhere near enough

Artificial Intelligence, cybersecurity, Don't miss, Expert analysis, Expert corner, framework, Hot stuff, Ironscales, monitoring, opinion, regulation, USA /

Why the “voluntary AI commitments” extracted by the White House are nowhere near enough 16/08/2023 at 08:03 By Help Net Security Representatives from Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI recently convened at the White House for a meeting with President Biden with the stated mission of “ensuring the responsible development and distribution of

React to this headline:

Loading spinner

Why the “voluntary AI commitments” extracted by the White House are nowhere near enough Read More »

SEC cybersecurity rules shape the future of incident management

Compliance, cybersecurity, Don't miss, Government, Hot stuff, regulation, Schellman, strategy, USA, Video /

SEC cybersecurity rules shape the future of incident management 16/08/2023 at 07:05 By Help Net Security The SEC adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance. The Commission also adopted rules requiring foreign private issuers

React to this headline:

Loading spinner

SEC cybersecurity rules shape the future of incident management Read More »

White House launches AI Cyber Challenge to make software more secure

Anthropic, Artificial Intelligence, Black Hat USA 2023, critical infrastructure, cybersecurity, darpa, DEF CON, Google, Government, Microsoft, News, OpenAI, OpenSSF, software, USA, vulnerability /

White House launches AI Cyber Challenge to make software more secure 10/08/2023 at 12:33 By Help Net Security The Biden-Harris Administration has launched a major two-year competition using AI to protect the United States’ most important software, such as code that helps run the internet and critical infrastructure. The AI Cyber Challenge (AIxCC) will challenge

React to this headline:

Loading spinner

White House launches AI Cyber Challenge to make software more secure Read More »

What to know about FedRAMP Rev. 5 Baselines

CISO, Compliance, cyber risk, cybersecurity, Don't miss, Government, Hot stuff, risk assessment, Risk Management, strategy, tips, USA, Video /

What to know about FedRAMP Rev. 5 Baselines 10/08/2023 at 06:31 By Help Net Security In this Help Net Security video, Kaus Phaltankar, CEO at Caveonix, discusses how the recent approval of the FedRAMP Rev. 5 Baselines is a significant step forward in the cloud security and compliance domain. The implications for CSPs and third-party

React to this headline:

Loading spinner

What to know about FedRAMP Rev. 5 Baselines Read More »

For TSA’s updated Pipeline Security Directive, consistency and collaboration are key

critical infrastructure, cybersecurity, Don't miss, Dragos, Expert analysis, Expert corner, Government, Hot stuff, opinion, regulation, transportation, USA /

For TSA’s updated Pipeline Security Directive, consistency and collaboration are key 08/08/2023 at 08:03 By Help Net Security Late last month, the Transportation Security Administration renewed and updated its security directive aimed at enhancing the cybersecurity of oil and natural gas pipelines. The reissued guidance, known as Security Directive (SD) Pipeline-2021-02D Pipeline Cybersecurity Mitigation, Actions,

React to this headline:

Loading spinner

For TSA’s updated Pipeline Security Directive, consistency and collaboration are key Read More »

US government outlines National Cyber Workforce and Education Strategy

Cloud Range, cyber resilience, cybersecurity talent, Cyversity, Don't miss, education, Government, Hot stuff, ISSA, News, skill development, strategy, training, USA /

US government outlines National Cyber Workforce and Education Strategy 01/08/2023 at 14:03 By Zeljka Zorz After the release of a National Cybersecurity Strategy and its implementation plan, the Biden-Harris Administration has unveiled the National Cyber Workforce and Education Strategy (NCWES), “aimed at addressing both immediate and long-term cyber workforce needs.” The National Cyber Workforce and

React to this headline:

Loading spinner

US government outlines National Cyber Workforce and Education Strategy Read More »

National Cyber Strategy Implementation Plan: What you need to know

Airbus CyberSecurity, Don't miss, Government, Hot stuff, USA, Video /

National Cyber Strategy Implementation Plan: What you need to know 28/07/2023 at 06:31 By Help Net Security The Biden-Harris Administration’s recently released National Cybersecurity Strategy calls for two fundamental shifts in how the United States allocates roles, responsibilities, and resources in cyberspace. In this Help Net Security video, Kelly Rozumalski, a Senior VP leading Booz

React to this headline:

Loading spinner

National Cyber Strategy Implementation Plan: What you need to know Read More »

SEC adopts new cybersecurity incident disclosure rules for companies

Don't miss, Government, News, regulation, USA /

SEC adopts new cybersecurity incident disclosure rules for companies 26/07/2023 at 21:01 By Help Net Security The Securities and Exchange Commission (SEC) today adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance. The Commission also adopted

React to this headline:

Loading spinner

SEC adopts new cybersecurity incident disclosure rules for companies Read More »

US companies commit to safe, transparent AI development

Abnormal Security, Artificial Intelligence, Cado Security, Don't miss, generative AI, Government, Hot stuff, News, research, Risk Management, USA /

US companies commit to safe, transparent AI development 24/07/2023 at 16:30 By Helga Labus Seven US artificial intelligence (AI) giants – Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI – have publicly committed to “help move toward safe, secure, and transparent development of AI technology.” The commitments “Companies that are developing these emerging technologies have

React to this headline:

Loading spinner

US companies commit to safe, transparent AI development Read More »

U.S. Cyber Trust Mark labeling program raises the bar for smart devices’ cybersecurity

certification, CISA, Closed Door Security, cybersecurity, Government, hardware, News, NIST, Privacy, regulation, USA /

U.S. Cyber Trust Mark labeling program raises the bar for smart devices’ cybersecurity 19/07/2023 at 13:33 By Help Net Security The Biden-Harris Administration has announced a cybersecurity certification and labeling program to help Americans more easily choose smart devices that are safer and less vulnerable to cyberattacks. The new “U.S. Cyber Trust Mark” program proposed

React to this headline:

Loading spinner

U.S. Cyber Trust Mark labeling program raises the bar for smart devices’ cybersecurity Read More »

Chinese hackers forged authentication tokens to breach government emails

cloud security, cyber espionage, data theft, Don't miss, Europe, Government, Hot stuff, Microsoft, News, Outlook, USA, vulnerability /

Chinese hackers forged authentication tokens to breach government emails 12/07/2023 at 13:17 By Zeljka Zorz Sophisticated hackers have accessed email accounts of organizations and government agencies via authentication tokens they forged by using an acquired Microsoft account (MSA) consumer signing key, the company has revealed on Tuesday. “The threat actor Microsoft links to this incident

React to this headline:

Loading spinner

Chinese hackers forged authentication tokens to breach government emails Read More »

A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708)

Data leak, Don't miss, extortion, file-sharing, Hot stuff, News, Progress, USA, vulnerability, WithSecure /

A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708) 19/06/2023 at 15:09 By Zeljka Zorz Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability (CVE-2023-35708) discovered in the web application in less that a month. Previously, the Cl0p cyber extortion gang exploited CVE-2023-34362 to

React to this headline:

Loading spinner

A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708) Read More »

How to simplify the process of compliance with U.S. Executive Order 14028

CISO, Compliance, cybersecurity, Don't miss, Government, Hot stuff, how-to, strategy, tips, USA, Video /

How to simplify the process of compliance with U.S. Executive Order 14028 19/06/2023 at 07:03 By Help Net Security In this Help Net Security video, Nick Mistry, SVP and CISO at Lineaje, offers tips to simplify the process of compliance with U.S. Executive Order 14028. A key part of U.S. Executive Order 14028 is for

React to this headline:

Loading spinner

How to simplify the process of compliance with U.S. Executive Order 14028 Read More »

PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)

data theft, Don't miss, exploit, extortion, Horizon3.ai, Hot stuff, Huntress, News, PoC, Progress, Rapid7, UK, USA /

PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362) 13/06/2023 at 14:18 By Zeljka Zorz As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE vulnerability exploited by the Cl0p cyber extortion group to plunder confidential data. CVE-2023-34362 PoC exploit released Horizon3 security

React to this headline:

Loading spinner

PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362) Read More »

Five Eyes agencies detail how Chinese hackers breached US infrastructure

critical infrastructure, government-backed attacks, Hot stuff, Microsoft, News, NSA, SecureWorks, USA /

Five Eyes agencies detail how Chinese hackers breached US infrastructure 25/05/2023 at 14:16 By Help Net Security The National Security Agency (NSA) and Five Eyes partner agencies have identified indicators of compromise associated with a People’s Republic of China (PRC) state-sponsored cyber actor dubbed Volt Typhoon, which is using living off the land techniques to

React to this headline:

Loading spinner

Five Eyes agencies detail how Chinese hackers breached US infrastructure Read More »

Scroll to Top