President Donald Trump has signed a new executive order that requires TikTok owner ByteDance to divest from its U.S. operations within 90 days. In the new order, Trump cites national security concerns in demanding the Chinese company to spin off or sell its American assets.
A bipartisan group of federal lawmakers has proposed providing $28 billion to state and local governments to bolster their cybersecurity and IT infrastructures.
China could collect the personal data on Americans through the social media apps TikTok and WeChat for intelligence-gathering purposes, a senior Justice Department official says in explaining why the White House wants to ban these apps.
The latest edition of the ISMG Security Report analyzes why Barclays is being investigated for allegedly spying on its employees. Also featured: How the pandemic is affecting CISOs; an FBI assessment of nation-state threats to U.S. election.
With the surge in telehealth use during the COVID-19 pandemic, healthcare organizations must be prepared to deal with cloud security and privacy risks, says Jim Angle of Trinity Health, who is the author of a recent report from the Cloud Security Alliance.
Who watches the penetration-testing testers? Questions are circulating over how some organizations train their employees for the CREST pen-testing certification after some leaked internal documents appeared to contain material from past tests.
The National Institute of Standards and Technology has released the final version of its "zero trust" architecture guidelines that provide a road map for using the architecture in security programs.
Two critical, zero-day vulnerabilities affecting Internet Explorer and multiple versions of the Windows operating system are being exploited in the wild, Microsoft and the U.S. Cybersecurity and Infrastructure Security Agency warn, urging prompt patching.
Yet another ransomware-wielding gang has threatened to steal and leak the data of any victims who refuse to pay a ransom: The operators of Avaddon ransomware have created a dedicated data-leak site that already lists a construction firm victim, and the gang continues to recruit new affiliates.
The Maze ransomware group has posted on its darknet website some data it claims it stole during a recent attack against Canon USA, according to the security firm Emsisoft.
Jeanette Manfra served under three presidents as one of the top U.S. government cybersecurity leaders. Now in her new role with Google Cloud, she draws upon her public sector experience to help agencies in their cloud adoption.
While the exposure of insecure databases on the internet is relatively common, a recent incident featured an unusual twist - the data was mysteriously deleted.
The operators behind the AgentTesla remote access Trojan have upgraded the infostealer with additional capabilities, including the ability to steal credentials from VPNs, web browsers, FTP files and email clients, Sentinel Labs reports. The low-cost malware is used in BEC scams and other campaigns.
New research has uncovered widespread vulnerabilities in wireless dongles that plug into a vehicle's OBD-II port. The inexpensive IoT devices have put new power into the hands of consumers to monitor their vehicles or check fault codes, but they could also open up new vectors for attacks.
Having a more thorough incident response plan can help organizations mitigate attacks faster and fine-tune their disaster recovery efforts, says Jeremiah Dewey of Rapid7.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
