Cisco has released an urgent software update to fix a critical authentication bug that can allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as an administrator.
Autodesk, a California-based design software and 3D technology firm, now says it was one of several tech and security companies targeted by a Russian-linked group that carried out the supply chain attack against SolarWinds, according to a financial filing with the SEC.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the emergence of new and rebranded ransomware groups practicing double extortion and supply chain security challenges in the oil and gas industry.
While there is currently a lack of specific cyberthreats, Deputy National Security Adviser Anne Neuberger urges organizations, especially those in critical infrastructure, to take precautions over the Labor Day weekend, as threat groups have taken advantage of previous holidays to conduct attacks.
This edition of the ISMG Security Report features an analysis initiatives unveiled by the Biden administration to enhance supply chain and critical infrastructure security and address the cybersecurity skills gap. Also featured: LockBit 2.0 ransomware rep 'tells all'; misconfigured Microsoft Power Apps.
The Biden administration unveiled a package of supply chain and critical infrastructure security initiatives following a meeting at the White House with tech executives and others. Companies such as Google and Microsoft also promised billions in spending on cybersecurity over the next several years.
As a technology and security leader, Laura-Lea Berna is driven to defend gaps. But as a business executive, the VP, IT and CIO of BC Transit has built her career on answering the question "Where's the need?" She discusses her path and role as a mentor to up-and-coming leaders.
The Biden administration is hosting a White House meeting Wednesday with technology, banking, insurance and education executives to focus on cybersecurity and national security issues, such as protecting critical infrastructure from attacks and how to hire more security professionals to meet demand.
The latest edition of the ISMG Security Report features an analysis of how ransomware attackers share about their inclinations, motivations and tactics. Also featured: The rise of integrity attacks; dispelling vaccine myths.
The U.S. Cybersecurity and Infrastructure Security Agency is creating the Joint Cyber Defense Collaborative to build a national cybersecurity defense strategy based on collaboration between the public and private sectors, CISA Director Jen Easterly said at the Black Hat 2021 conference Thursday.
The Russian-linked group that targeted SolarWinds using a supply chain attack compromised at least one email account at 27 U.S. attorneys' offices in 15 states and Washington, D.C., throughout 2020, according to an update posted by the Justice Department.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the challenges ahead for the new director of the U.S. Cybersecurity and Infrastructure Security Agency and vendor security risk management in the healthcare sector.
This edition of the ISMG Security Report features an analysis of comments from the former head of Britain's GCHQ intelligence agency, Robert Hannigan, on the changing nature of ransomware attacks. Also featured: Disrupting the ransomware-as-a-service business model; supply chain security management tips.