By Paul Ducklin on Apr 01, 2021 07:41 pm
Don't fall for fake text messages, no matter how realistic the website looks if you click through.
By Robert Lemos Contributing Writer on Apr 01, 2021 06:40 pm
Attackers commonly focus on finding users with too much privileged access as their ticket to network compromise. What can companies do?
By Tara Seals on Apr 01, 2021 04:58 pm
A vast majority of companies in a global survey from Microsoft report being a victim of a firmware-focused cyberattack, but defense spending lags, but defense spending lags.
By Tim Starks on Apr 01, 2021 04:08 pm
Under a forthcoming White House order, companies that do business with the federal government would have to meet software security standards and swiftly report cyber incidents to a new entity within the Department of Homeland Security, sources familiar with a draft version of the document said. The order, which could be made public in a matter of weeks, is meant to improve the government’s ability to detect, coordinate, respond to and investigate cybersecurity incidents, as well as promote supply chain security and push government contractors to up their defenses. It is spurred largely by the suspected Russian campaign in which hackers exploited the update process for SolarWinds’ Orion software, which led to the compromise of nine federal agencies and roughly 100 companies, the White House previously said. Some of the order’s measures are aimed at strengthening DHS and its Cybersecurity and Infrastructure Security Agency. The White House directive would establish […]
The post Biden's cyber executive order to include new rules for federal agencies, contractors appeared first on CyberScoop.
By Steve Zurier Contributing Writer on Apr 01, 2021 04:05 pm
More sooner than later, employees will be making their way back to the office. Here's how security pros can plan for the next new normal.
By Tom Spring on Apr 01, 2021 03:53 pm
Some legacy models of QNAP network attached storage devices are vulnerable to remote unauthenticated attacks because of two unpatched vulnerabilities.
By Dark Reading Staff on Apr 01, 2021 03:00 pm
Attacker disabled water-purification operation systems "with intention of harming" the rural water district.
By Paul Ducklin on Apr 01, 2021 02:31 pm
Latest episode - listen now!
By Dark Reading Staff on Apr 01, 2021 02:20 pm
These sensitive systems store guests' personal data and payment-card information.
By Becky Bracken on Apr 01, 2021 02:07 pm
The ransomware gang exfiltrated 40 gigabytes of data from the fashion house, including HR and salary details.
By Richard Amburgey Chief Security Officer (CSO), Bureau of Labor Statistics on Apr 01, 2021 01:00 pm
Justify your requirements with real numbers to get support for security investments.
By Chris Haas on Apr 01, 2021 12:22 pm
Chris Hass, director of information security and research at Automox, discusses how to shore up cybersecurity defenses and what to prioritize.
By Samuel Greengard Freelance Writer on Apr 01, 2021 11:35 am
For all of their benefits, IoT devices weren't built with security in mind -- and that can pose huge challenges.
By Sean Lyngaas on Apr 01, 2021 11:33 am
A U.S. grand jury has indicted a 22-year-old man for allegedly hacking the computer system of a rural water utility in Kansas and shutting down processes that affect procedures for cleaning and disinfecting water. Federal prosecutors allege in an indictment unsealed Wednesday that Wyatt Travnichek logged into Ellsworth County Rural Water District’s computer system in 2019 as part of an “unauthorized remote intrusion” that resulted “in the shut-down of the facility’s processes.” Travnichek is accused of tampering with a water system, and causing “reckless damage to a protected computer.” The charges carry maximum prison sentences of 20 years and five years, respectively. Angela Naegele, a customer service specialist at the water utility who answered the phone Thursday, said the 2019 incident had no impact on customers’ drinking water. The utility continuously monitors its water quality and safety, Naegele added. The facility serves Ellsworth County, a county of about 6,100 people […]
The post Kansas man indicted in connection with 2019 hack at water utility appeared first on CyberScoop.
By Elizabeth Montalbano on Apr 01, 2021 10:51 am
Cyberattackers have set up a website for a fake company called SecuriElite, as well as associated Twitter and LinkedIn accounts.
By Praveen Patnala Co-Founder, Valtix on Apr 01, 2021 10:00 am
Traditional data center approaches aren't built for securing modern cloud applications.
|