The Office of Management and Budget is ordering federal agencies to begin identifying "critical software" that needs protection as part of the effort to fulfill President Biden's cybersecurity executive order. Executive branch agencies then will have a year to implement security measures.
Antivirus and identity protection firm NortonLifeLock confirmed Tuesday that it has entered into an agreement to acquire its rival, Avast, for $8.1 billion to $8.6 billion.
There's another twist in the REvil ransomware saga: A decryption key released Friday on a Russian-language cybercrime forum unlocks files encrypted in the attack against Miami-based software developer Kaseya. Why it was released, however, is unknown, and its utility at this point is questionable.
Microsoft's Patch Tuesday rollout addressed two additional security issues within Windows Print Spooler, including one zero-day. Microsoft's August security update covers 44 vulnerabilities, with seven rated critical. Intel and Adobe also made security fixes.
For the fifth consecutive year, the supply of those with cybersecurity skills is far too low to meet the demand, according to a new report. Cybersecurity pros offer insights on how to change that.
With more than 61% of breaches attributed to stolen passwords, a password manager can go a long way in helping enterprises enhance security, say Chandan Pani, CISO at Mindtree, and Lloyd Evans, identity lead, JAPAC, at LogMeIn.
Taiwan-based network-attached storage device manufacturer Synology says the StealthWorker botnet is targeting its products with brute force attacks that could lead to ransomware intrusions.
A hacker breached the blockchain-based Poly Network platform to steal more than $600 million in cryptocurrency, the platform announced Tuesday. But Wednesday, it appeared the hacker had returned some of the stolen assets.
On Tuesday, the Senate, by a vote of 69-30, passed a $1 trillion infrastructure spending bill that would provide additional money for cybersecurity over the next several years, including extra funds for the Department of Homeland Security and its Cybersecurity and Infrastructure Security Agency.
NIST is updating "cyber resiliency" guidance to focus on mitigating modern cyberthreats to IT networks, especially ransomware and nation-state attacks. A draft encourages security defenders to move away from a perimeter-based defense to building resilient IT systems.
The rise of ransomware as a criminal moneymaking powerhouse parallels the services offered by initial access brokers, who continue to offer affordable access to victims' networks - often via brute-forced remote desktop protocol or VPN credentials - to help attackers hit more targets in search of larger profits.
Researchers at Group-IB say Chinese threat actors apparently were responsible for an attack on Russian federal executive authorities in 2020. Meanwhile, Positive Technologies reports that Chinese hacking group APT31 is now using a new dropper to infect Russian systems with malware.
Some patched on-premises Microsoft Exchange email servers are still proving to be vulnerable. The Conti ransomware group is now leveraging backdoors that persist, cybersecurity consulting firm Pondurance reports.
Two Latvian men tied to an extensive international money laundering operation that aided prominent cybercriminals have pleaded guilty to conspiracy charges.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.