Lenovo is expanding AI infrastructure options with a line of servers and an HCI stack that push beyond support of Nvidia and Intel AI accelerators to now include the AMD GPUs. The Lenovo Think System SR685a V3 server uses the latest generation of AMD EPYC CPUs and is the first to use AMD Instinct MI300X […]
The Cybersecurity and Infrastructure Security Agency is targeting a Sept. 30 deadline to give federal agencies a list of example software products deemed critical for the federal government’s cyber posture. The target date comes from the agency’s responses to a Thursday Government Accountability Office oversight report that examines implementation of a major 2021 cybersecurity executive […]
WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the Office of the Director of National Intelligence (ODNI) released Securing Election Infrastructure Against the Tactics of Foreign Malign Influence Operations, a guidance document that details the latest tactics employed in foreign malign influence operations to shape U.S. policies, […]
Trust in cybersecurity tools has become one of the biggest challenges facing critical national infrastructure (CNI) providers as sophisticated nation-state attacks proliferate, according to a new report from Bridewell. The IT services firm’s latest Cyber Security in Critical National Infrastructure report is based on interviews with over 1000 CISOs and equivalent at CNI providers in […]
Critical Infrastructure Security Hacks on Unregulated Dams Can Result in Mass Casualties, Experts and Lawmakers Warn Chris Riotta (@chrisriotta) • April 18, 2024 Dams need better cybersecurity, warn experts. (Image: Shutterstock) Could a hacker seize control of America’s dams, unleashing floods and chaos across vulnerable communities? Cybersecurity analysts and leading lawmakers warn it’s […]
The Iranian threat actor known as MuddyWater has been attributed to a new command-and-control (C2) infrastructure called DarkBeatC2, becoming the latest such tool in its arsenal after SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go. “While occasionally switching to a new remote administration tool or changing their C2 framework, MuddyWater’s methods remain constant,” Deep Instinct security researcher Simon […]
Apr 12, 2024NewsroomCyber Attack / Data Breach The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an emergency directive (ED 24-02) urging federal agencies to hunt for signs of compromise and enact preventive measures following the recent compromise of Microsoft’s systems that led to the theft of email correspondence with the company. The […]
Mar 27, 2024NewsroomThreat Intelligence / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting Microsoft Sharepoint Server to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw […]
Mar 26, 2024NewsroomCyber Attack / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities added are as follows – CVE-2023-48788 (CVSS score: 9.3) – Fortinet FortiClient EMS SQL Injection Vulnerability CVE-2021-44529 (CVSS score: 9.8) – […]