CISA announced that Washington Secretary of State Kim Wyman will be the agency's senior election security lead. She will become a top security official within the Biden administration, inheriting a role that has garnered public attention following interference in 2016 and fraud claims in 2020.
As vice president of Red Team Services at CyberArk, Shay Nahari has an up-close view of an enterprise's soft defenses. He sees adversaries attack workforce users and compromise credentials. The lines between identity and privilege are colliding. More than ever, Nahari says, context matters.
Singapore healthcare firm Fullerton Health confirms that a data breach in the server of its vendor partner Agape Connecting People was responsible for the leak of 400,000 user accounts. The incident marks the fourth major data breach incident involving third-party vendors in Singapore this year.
Telecom company Voipfone has come under a severe "extortion-based" DDoS attack from foreign entities, according to a tweet by the U.K.-based company. The attack is likely a continuation of the one observed on Thursday, although the company stated that all its systems remained operational.
The U.S. Department of State will create a Bureau of Cyberspace and Digital Policy, led by a Senate-confirmed ambassador-at-large, to advance its cybersecurity diplomacy efforts, according to Secretary of State Antony Blinken. The move is a response to a challenging global threat landscape.
An attack on systems that govern fuel subsidies in Iran reportedly hit all fuel stations and left many of the country’s citizens without gas for hours. Islamic Republic of Iran Broadcasting says that a cyberattack caused widespread disruption to the country's fuel distribution network.
Will the notorious ransomware operation known as REvil, aka Sodinokibi, reboot yet again after someone apparently messed with its infrastructure? Experts suggest that the operation's brand is burned, and administrators will launch a new group. Many affiliates, meanwhile, already work with multiple groups.
Why do so many HIPAA -covered entities and their vendors do such a poor job managing security risk and safeguarding patient's protected health information? Many critical factors come into play, say Roger Severino, ex- director of HHS OCR, and Bob Chaput, founder of security consultancy Clearwater.
As the workplace quickly evolves, people are working from everywhere and accessing data from anywhere. Suddenly CISOs must manage not just external threats, but countless risks from within which always prove more elusive and harder to detect or prevent than traditional external ones. While the most common insider...
International law enforcement officials on Tuesday announced that some 150 suspects have been arrested globally for buying or selling illegal goods, following a 10-month sting operation, code name "Operation DarkHunTOR," targeting the dark web.
In preparation for the relaunch of ISMG’s education platform, CyberEd.io, Ron Ross of the National Institute of Standards and Technology and Brian Barnier, who is designing a course on critical thinking and design thinking, discuss the need for reorienting toward systems thinking in cybersecurity.
The operators behind Groove ransomware are calling on other extortion gangs to join forces to attack the U.S. public sector, according to chatter seen on underground forums, reports malware research organization vx-underground, citing a blog posted by the gang on a Russian site.
Findings from CyberTheory's 2021 Third Quarter Review indicate that criminals are exploiting the open-source supply chain, and those exploits are proving much more difficult to identify, defend and stop in terms of complexity and depth than we've seen before, says CyberTheory's director, Steve King.
The threats have multiplied, tools have maxed out and the staff lacks capacity for real-time detection, investigation and response. Enter: MDR. John Irvine of eSentire discusses the power of MDR and the role of digital forensics.
Attacks on software supply chains can be difficult to detect yet devastating if one has occurred. But organizations can take steps to limit the risk from their suppliers, says Vikram Asnani, senior director of solution architecture with CyberGRX.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.