Martin Roesch, CEO, Netography Inc.

Good Governance: 'It's All Hygiene'

Steve King • November 30, 2023

In the constant struggle to manage the other five pillars - identify, protect, detect, respond and recover - security leaders often do not have governance at top of mind, said Netography CEO Martin Roesch, but he added, "Good governance is the root of having good security."

Governance & Risk Management

Proofpoint Snags Former VMware President Sumit Dhawan as CEO

Latest

Cybercrime

Breach Roundup: Ukraine Hacks Russian Aviation Agency

Anviksha More • November 30, 2023

This week, Ukraine's intelligence service hacked Russian aviation agency, a cyberattack targeted Japan's space agency, Google addressed another zero-day, a French-led operation dismantled a Ukrainian ransomware group, and spyware targeted Serbian civil society.

Blockchain & Cryptocurrency

Cryptohack Roundup: KyberSwap Hacker Demands Control

Mihir Bagwe • November 30, 2023

This week, a KyberSwap hacker demanded total control, the U.S. Treasury called for additional tools to sanction crypto baddies, the Aerodrome and Velodrome DeFi platforms' front ends were hacked, a scam-as-a-service wallet drainer shut down, Indexed Finance thwarted hijacking attempts, and more.

Government

Experts Urge Congress to Establish Clear SBOM Guidance

Chris Riotta • November 29, 2023

Procurement experts testified to the House Subcommittee on Cybersecurity, Information Technology, and Government Innovation on Wednesday that government requirements leave too many unanswered questions and ambiguities for federal agencies when it comes to implementing SBOMs.

Artificial Intelligence & Machine Learning

US House Members Eye Potential Regulations in Healthcare AI

Marianne Kolbasuk McGee • November 29, 2023

As Congress weighs potential legislative and regulatory guardrails for the use of AI in healthcare, issues such as human oversight, privacy and security risk need close attention, said healthcare industry experts who testified during a House Energy and Commerce subcommittee hearing on Wednesday.

Blockchain & Cryptocurrency

US Sanctions, Seizes Sinbad Cryptomixer

David Perera • November 29, 2023

The U.S. federal government Wednesday added cryptocurrency mixer Sinbad.io to a growing blacklist of virtual asset platforms under sanctions that prevent Americans from doing business with them. The FBI seized the Sinbad website in an international operation.

Cloud Security

Attackers Actively Target Critical ownCloud Vulnerability

Mathew J. Schwartz • November 29, 2023

Security researchers say attackers are actively attempting to exploit a critical vulnerability in unpatched ownCloud implementations, which they can use to steal credentials and other secret information. Last month, ownCloud said it had sent all users a security alert and updates to fix the flaws.

Artificial Intelligence & Machine Learning

Generative AI Technology Leads AWS Agenda at re:Invent 2023

Rahul Neel Mani • November 28, 2023

In an effort to upstage Microsoft in the AI space, AWS CEO Adam Selipsky invited NVIDIA CEO Jensen Huang and Dario Amodei, co-founder of Anthropic, to share the stage at AWS re:Invent 2023. Selipsky committed to integrating generative AI across AWS solutions and guardrails to secure customer data.

Critical Infrastructure Security

Iranian Hacking Group Attacks Pennsylvania Water Authority

Chris Riotta • November 28, 2023

The U.S. Cybersecurity and Infrastructure Security Agency is investigating a cyberattack from an Iranian hacking group known as "Cyber Av3ngers" that targeted a small municipal water authority in Pennsylvania over its use of Israeli-owned software, according to officials.

Cybercrime

Apparent GE Hack Raises National Security Concerns

Chris Riotta • November 28, 2023

General Electric says it is aware of claims made by "a bad actor" about gaining unauthorized access to its sensitive data and taking "appropriate measures to help protect the integrity of our systems" after a hacker known as IntelBroker advertised access to its networks and data.

Fraud Management & Cybercrime

Thanksgiving Day Attack on Ardent Health Serving Leftovers

Marianne Kolbasuk McGee • November 28, 2023

Patient services - including emergency care and telehealth appointments - are still affected at dozens of hospitals and other care facilities in several states operated by Ardent Health Services as the Tennessee-based organization continues to respond to a Thanksgiving Day ransomware attack.

Cybercrime

DP World Says Australian Employee Data Stolen in Attack

Mihir Bagwe • November 28, 2023

A cyber incident that incapacitated four major Australian ports for days also resulted in the theft by hackers of employee data, the port operator said Tuesday. Hackers obtained personal information of current and former employees of DP World Australia in an incident first detected on Nov. 10.

Cybercrime

Police Bust Suspected Ransomware Group Ringleader in Ukraine

Mihir Bagwe , Mathew J. Schwartz • November 28, 2023

Police have arrested a group of criminals in Ukraine, including their alleged ringleader, who they suspect launched ransomware attacks against organizations across 71 countries, amassing at least 1,800 victims, from which they demanded ransoms collectively worth hundreds of millions of dollars.