CISA orders federal agencies to regularly perform IT asset discovery, vulnerability enumeration
A new directive issued by the Cybersecurity and Infrastructure Security Agency (CISA) is ordering US federal civilian agencies to perform regular asset discovery and …
US to award $1B to state, local, and territorial governments to improve cyber resilience
The US government will award $1 billion in grants to help state, local, and territorial (SLT) governments address cybersecurity risks, strengthen the cybersecurity of their …
Is $15.6 billion enough to protect critical infrastructure?
Several bills totaling $15.6 billion are making their way through the House for the 2023 fiscal year. While $11.2 billion will go to the Department of Defense, $2.9 billion …
US government software suppliers must attest their solutions are secure
The Office of Management and Budget (OMB) has issued a memo requiring US federal government agencies to use software that has been built according to secure software …
Government guide for supply chain security: The good, the bad and the ugly
Just as developers and security teams were getting ready to take a breather and fire up the BBQ for the holiday weekend, the U.S.’s most prestigious security agencies (NSA, …
Cyberattacks on healthcare organizations negatively impact patient care
Cynerio and the Ponemon Institute have examined the current impact of cyberattacks on healthcare facilities and network-connected IoT and medical devices, and found multiple …
Phishers use custom phishing kit to hijack MFA-protected enterprise Microsoft accounts
An ongoing, large-scale phishing campaign is targeting owners of business email accounts at companies in the FinTech, Lending, Insurance, Energy and Manufacturing sectors in …
USA’s plan to build its cyber workforce, improve skills-based pathways to cyber jobs
On July 19, 2022, National Cyber Director Chris Inglis hosted the National Cyber Workforce and Education Summit at the White House. The event focused on building the cyber …
CISA and NPower offer free entry-level cybersecurity training
NPower, a US-based non-profit participating in a cybersecurity workforce development program started by the Cybersecurity and Infrastructure Agency (CISA), is looking for …
Clearview fine: The unacceptable face of modern surveillance
The UK’s Information Commissioner’s Office (ICO) has issued its third largest ever fine of £7.5m. It was imposed on Clearview AI, the controversial facial recognition company …
Automotive hose manufacturer hit by ransomware, shuts down production control system
A US subsidiary of Nichirin Co., a Japan-based company manufacturing and selling automotive hoses and hose parts, has been hit with ransomware, which resulted in the shut down …
Fake voicemail notifications are after Office365, Outlook credentials
A phishing campaign using fake voicemail notifications has been and is still targeting various US-based organizations, in an attempt to grab employees’ Office365 and …
Featured news
Resources
Don't miss
- 48,000+ internet-facing Fortinet firewalls still open to attack
- Acronis CISO on why backup strategies fail and how to make them resilient
- Ransomware attackers are “vishing” organizations via Microsoft Teams
- Scam Yourself attacks: How social engineering is evolving
- Addressing the intersection of cyber and physical security threats