The U.S.Homeland Security Department this week will convene the first-of-its-kind cybersecurity summit with leaders from Latin America, which has increasingly become a hotbed for criminal digital activity and influence efforts by China. The two-day “Western Hemisphere Cyber Conference,” which will be attended by nearly two dozen nations and kicks off Wednesday, was inspired by a […]
The US Cybersecurity and Infrastructure Security Agency (CISA) has published new guidance designed to improve the accuracy of risk assessments related to hardware products in the supply chain. The Hardware Bill of Materials Framework (HBOM) for Supply Chain Risk Management is the work of the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) […]
Cybersecurity experts have shed light on a new cybercrime group known as ShadowSyndicate (formerly Infra Storm) that may have leveraged as many as seven different ransomware families over the past year. “ShadowSyndicate is a threat actor that works with various ransomware groups and affiliates of ransomware programs,” Group-IB and Bridewell said in a new joint […]
Changing approaches to cybersecurity have led to slow but steady progress in defense and protection. Still, competing interests create a growing challenge for cybersecurity decision makers and practitioners, according to CompTIA. The state of cybersecurity Most business and technology professionals feel that cybersecurity is improving, both generally and within their organizations. They also acknowledge that […]
Dive Brief: The average annual cost of insider cybersecurity threats increased to $16.2 million during the past 12 months, a 40% increase over four years, according to research conducted by the Ponemon Institute. The biggest costs associated with insider risks came after the incident had occurred, with containment and remediation representing the most expensive areas at […]
The US Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the National Football League (NFL), Allegiant Stadium and Super Bowl LVIII partners, has conducted a cybersecurity tabletop exercise this week in preparation for Super Bowl LVIII. The exercise aimed to assess and enhance cybersecurity response capabilities, plans and procedures for the upcoming event. The Super […]
In the latest cybersecurity news, researchers have found a new Python malware targeting Tatar language-speaking users. The Tatar language is a Turkic language spoken primarily by the Tatars, an ethnic group in Russia and neighboring countries. This Python malware strain, sourced by Cyble, can capture screenshots on the victim’s systems and send them over to […]
The Cybersecurity and Infrastructure Security Agency is urging the software industry to embrace the use of memory safe programming languages as part of a wider effort to eliminate security vulnerabilities in code. CISA called for the changes alongside a push to embrace secure-by-design practices during the software development stage and to increase the security of […]
The Known Exploited Vulnerabilities (KEV) Catalog maintained by the US cybersecurity agency CISA has led to significant improvements in federal agencies’ patching efforts, with more than 1,000 vulnerabilities now included in the list. Launched in November 2021, the KEV Catalog lists flaws that CISA has proof are being exploited in malicious attacks, and is accompanied […]