government
Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955)
The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-24955 – a code injection vulnerability that allows authenticated attackers to execute code …
Attackers are targeting financial departments with SmokeLoader malware
Financially motivated hackers have been leveraging SmokeLoader malware in a series of phishing campaigns predominantly targeting Ukrainian government and administration …
43 million workers potentially affected in France Travail data breach
French national unemployment agency France Travail (formerly Pôle emploi) and Cap emploi, a government employment service for people with disabilities, have suffered a data …
Public anxiety mounts over critical infrastructure resilience to cyber attacks
With temporary failures of critical infrastructure on the rise in the recent years, 81% of US residents are worried about how secure critical infrastructure may be, according …
10 free cybersecurity guides you might have missed
This collection of free cybersecurity guides covers a broad range of topics, from resources for developing cybersecurity programs to specific guides for various sectors and …
3 free data protection regulation courses you can take right now
Increasingly, information about us, and even by us, is being processed. Even mundane or insignificant details can be combined and linked with other data in a manner that may …
JCDC’s strategic shift: Prioritizing cyber hardening
In this Help Net Security interview, Geoffrey Mattson, CEO of Xage Security, discusses the evolution of the Joint Cyber Defense Collaborative (JCDC) since its 2021 inception …
Businesses foresee major impact from new SEC cybersecurity disclosure rules
While 98% of security professionals and executives have started working to comply with the new U.S. Securities and Exchange Commission (SEC) cybersecurity disclosure ruling, …
White House: Use memory-safe programming languages to protect the nation
The White House is asking the technical community to switch to using memory-safe programming languages – such as Rust, Python, Swift, C#, Java, and Go – to prevent …
NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure
The National Institute of Standards and Technology (NIST) has updated its widely utilized Cybersecurity Framework (CSF), a key document for mitigating cybersecurity risks. The …
Avast ordered to pay $16.5 million for misuse of user data
The Federal Trade Commission will require software provider Avast to pay $16.5 million and prohibit the company from selling or licensing any web browsing data for advertising …
Microsoft begins broadening free cloud logging capabilities
After select US federal agencies tested Microsoft’s expanded cloud logging capabilities for six months, Microsoft is now making them available to all agencies using …
Featured news
Resources
Don't miss
- Contextal Platform: Open-source threat detection and intelligence
- Using cognitive diversity for stronger, smarter cyber defense
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws
- Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)
- Malicious actors’ GenAI use has yet to match the hype