government
Generative AI lures DevOps and SecOps into risky territory
Application security leaders are more optimistic than developer leaders on generative AI, though both agree it will lead to more pervasive security vulnerabilities in software …
How Chinese hackers got their hands on Microsoft’s token signing key
The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365’s email service and access accounts of employees of 25 …
The misconceptions preventing wider adoption of digital signatures
In this Help Net Security interview, Thorsten Hau, CEO at fidentity, discusses the legal validity of qualified digital signatures, demonstrating their equivalence to …
A closer look at the RFI on open-source software security
The U.S. Office of the National Cyber Director (ONCD) released a request for information (RFI) entitled Open-Source Software Security: Areas of Long-Term Focus and …
Rising cyber incidents challenge healthcare organizations
Healthcare organizations are facing many cybersecurity challenges that require them to increasingly prioritize cybersecurity and compliance, according to Claroty. Threat …
Qakbot botnet disrupted, malware removed from 700,000+ victim computers
The Qakbot botnet has been crippled by the US Department of Justice (DOJ): 52 of its servers have been seized and the popular malware loader has been removed from over 700,000 …
Is the cybersecurity community’s obsession with compliance counter-productive?
Does anyone think the chances of surviving a plane crash increase if our tray tables are locked and our carry-on bags are completely stowed under our seats? That we’ll be OK …
How EU lawmakers can make mandatory vulnerability disclosure responsible
There is a standard playbook and best practice for when an organization discovers or is notified about a software vulnerability: The organization works quickly to fix the …
Zimbra users in Europe, Latin America face phishing threat
ESET researchers have uncovered a mass-spreading phishing campaign aimed at collecting Zimbra account users’ credentials. Zimbra Collaboration is an open-core collaborative …
A closer look at the new TSA oil and gas pipeline regulations
The TSA has announced updates to its Security Directive (SD) to strengthen the operational resilience of oil and natural gas pipeline owners and operators against …
Federal agencies gear up for zero trust executive order deadline
Federal agencies are prepared to meet the zero trust executive order requirements from the Biden Administration with just over a year until the deadline, according to …
SEC cybersecurity rules shape the future of incident management
The SEC adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD