The Cybersecurity and Infrastructure Security Agency (CISA) today launched a new vulnerability disclosure policy (VDP) platform for US federal civilian agencies. Initially announced in June, the federal civilian enterprise-wide crowdsourced VDP platform provided by BugCrowd and EnDyna was established in support of Binding Operational Directive (BOD) 20-01 issued in September 2020. The newly launched VDP…
The Department of Justice (DOJ) said Friday that the hackers behind the major SolarWinds attack compromised employee accounts in more than two dozen federal prosecutors’ offices. The DOJ said in an update that the hackers are believed to have compromised the accounts from May 7 to Dec. 27, 2020. The data includes “all sent, received, and stored…
Global cyber attacks have increased by 29% in the last six months, as hackers continue to exploit the COVID-19 pandemic and the shift to remote working, according to new research. The 2021 Mid-year Security Report from Check Point provides a detailed overview of the cyber threat landscape and shows the latest cyberattack trends observed throughout…
An organisation in India faced cyber attack 1,738 times on average per week in the last six months compared to 757 attacks per organisation globally, a report showed on Thursday. The most impacted industries in India in the last six months were education/research, government/military, insurance/legal, manufacturing and healthcare, according to the report by Check Point…
A recent massive cyberattack involving wiper malware Meteor was successful in destroying Iran’s national rail infrastructure as well as the ministry of transportation’s website, resulting in significant train service interruptions throughout the country, according to The Hacker News. On July 9, the Iranian train system was rendered obsolete as a result of a massive attack…
3rd Party Risk Management , Application Security , Cybercrime DOJ: Russian-Linked Group Breached Office 365 Accounts in 27 Offices Scott Ferguson (Ferguson_Writes) • August 1, 2021 Photo: Salticidae via Flickr/CC The Russian-linked group that targeted SolarWinds using a supply chain attack compromised at least one email account at 27 U.S. Attorneys’ Offices in…
Israeli surveillance software company NSO Group has temporarily blocked several government clients around the world from using its Pegasus spyware as the company investigates its possible misuse, Washington-based non-profit media outlet NPR reported. The development also follows raids on some offices of the NSO Group on Wednesday by Israeli government agencies “to begin assessing” security…
Artificial Intelligence & Machine Learning , Governance & Risk Management , Next-Generation Technologies & Secure Development Agency Now Seeks Feedback to Help Address Governance Challenges Dan Gunderman (dangun127) • July 31, 2021 (Photo: Gerd Altmann/Pixabay) Citing a need to secure artificial intelligence technologies, the National Institute of Standards and Technology is working to…
The federal government is seeking to increase cybersecurity in critical infrastructure industries through the implementation of a voluntary Industrial Control Systems Cybersecurity Initiative (Initiative), while the US House of Representatives (House) concurrently focuses on the same goal by passing three bills aimed at enhancing cybersecurity. While it’s currently voluntary, it’s likely the Initiative—along with its…
Artificial Intelligence & Machine Learning , Governance & Risk Management , Next-Generation Technologies & Secure Development Agency Now Seeks Feedback to Help Address Governance Challenges Dan Gunderman (dangun127) • July 31, 2021 (Photo: Gerd Altmann/Pixabay) Citing a need to secure artificial intelligence technologies, the National Institute of Standards and Technology is working to…
