Four editors at Information Security Media Group discuss important cybersecurity issues, including dealing with attacks targeting the aging Accellion File Transfer appliance and taking steps to enhance employee authentication.
CISA is ordering federal executive branch agencies to rescan and recheck their networks by Monday for any signs of compromise related to the unpatched vulnerabilities in on-premises Microsoft Exchange email servers.
An Israeli citizen who served as the administrator of the now-shuttered DeepDotWeb portal that connected internet users with dark web marketplaces selling malware, data and contraband has pleaded guilty to a money laundering conspiracy charge.
The ODP Corp. reports in a Securities and Exchange Commission 8-K filing that it has suffered a loss of about $28 million due to a March 1 cyber incident at its business services and supplies subsidiary, CompuCom, that forced the company to shut down some of its operations.
Projects with potential cybersecurity components included in the Biden administration's $2 trillion infrastructure spending proposal include upgrading the aging and insecure electrical grid, addressing supply chain vulnerabilities and supporting research on artificial intelligence and quantum computing.
Months after an apparent ransomware attack against cloud hosting and managed service provider Netgain Technology, the list of healthcare sector entities reporting major health data breaches linked to the incident is growing.
The Iranian-linked threat group TA453, also known as Charming Kitten and Phosphorus, conducted a phishing campaign, dubbed "BadBlood," in late 2020 that targeted senior U.S. and Israeli medical researchers in an attempt to obtain their Microsoft Office credentials, according to Proofpoint.
Although SolarWinds has released a second round of patches for flaws in its Orion network monitoring platform that was targeted in a supply chain attack, some security experts say organizations need to go far beyond patching to manage the risks involved.
Banks and mobile network operators should collaborate to mitigate the risks of SIM swap fraud, which can lead to account takeovers, says Clare Messenger, global head of fraud protection at the U.K. telecom firm JT Group Ltd.