U.S. Cyber Trust Mark labeling program raises the bar for smart devices’ cybersecurity
The Biden-Harris Administration has announced a cybersecurity certification and labeling program to help Americans more easily choose smart devices that are safer and less …
Chinese hackers forged authentication tokens to breach government emails
Sophisticated hackers have accessed email accounts of organizations and government agencies via authentication tokens they forged by using an acquired Microsoft account (MSA) …
A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708)
Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability (CVE-2023-35708) discovered in the web …
How to simplify the process of compliance with U.S. Executive Order 14028
In this Help Net Security video, Nick Mistry, SVP and CISO at Lineaje, offers tips to simplify the process of compliance with U.S. Executive Order 14028. A key part of U.S. …
PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)
As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE …
Five Eyes agencies detail how Chinese hackers breached US infrastructure
The National Security Agency (NSA) and Five Eyes partner agencies have identified indicators of compromise associated with a People’s Republic of China (PRC) state-sponsored …
Former Uber CSO avoids prison for concealing data breach
Joe Sullivan, the former Uber CSO who has been convicted last year for attempting to cover up a data breach Uber suffered in 2016 and kept it hidden from the Federal Trade …
City of Dallas hit by ransomware
The City of Dallas, Texas, has suffered a ransomware attack that resulted in disruption of several of its services. What do we know so far? “Wednesday morning, the …
CISA warns CI operators about vulnerabilities on their networks exploited by ransomware gangs
Organizations in critical infrastructure sectors whose information systems contain security vulnerabilities associated with ransomware attacks are being notified by the US …
TSA issues additional cybersecurity rules for the aviation sector
The Transportation Security Administration (TSA) issued a new cybersecurity amendment to the security programs of certain TSA-regulated (airport and aircraft) operators in the …
Alleged seller of NetWire RAT arrested in Croatia
This week, as part of a global law enforcement operation, federal authorities in Los Angeles successfully confiscated www.worldwiredlabs.com, a domain utilized by …
Law enforcement teams score major win against DoppelPaymer ransomware gang
In a joint effort, the German Regional Police, Ukrainian National Police, Europol, Dutch Police, and FBI joined forces on February 28, 2023, to take down the masterminds …
Featured news
Resources
Don't miss
- Acronis CISO on why backup strategies fail and how to make them resilient
- Ransomware attackers are “vishing” organizations via Microsoft Teams
- Scam Yourself attacks: How social engineering is evolving
- Addressing the intersection of cyber and physical security threats
- Fleet: Open-source platform for IT and security teams