In an update on the investigation into the SolarWinds supply chain attack, Deputy National Security Adviser Anne Neuberger said the Biden administration is preparing "executive action" to address security shortcomings that have come to light.
In 2020, a cybercrime operation known as ShinyHunters breached nearly 50 organizations, security researchers say. And this year, it shows no signs of slowing down - it's already hacked e-commerce site Bonobo and dating site MeetMindful.
Sen. Mark Warner, D-Va., is demanding more information from the FBI and the EPA about the Feb. 5 hacking of a water treatment facility in Oldsmar, Florida. Meanwhile, Sen. Marco Rubio, R-Fla., is requesting that the FBI provide "all assistance necessary" to the investigation.
A remote code vulnerability in the Android version of the file-sharing app SHAREit could allow hackers to tamper with the app's permissions, enabling them to steal sensitive data, reports security firm Trend Micro.
First you had ‘shadow IT,’ then ‘shadow cloud.’ Now enterprises are encountering ‘shadow APIs’ – and the lack of visibility into these interfaces is causing new, often overlooked cybersecurity vulnerabilities, says Subbu Iyer of Cequence Security.
In this interview with Information Security Media Group,...
The Biden administration is reviewing former President Donald Trump's policies addressing potential national security and cybersecurity concerns about Chinese-owned companies as it develops new plans for dealing with a wide range of issues tied to China.
French cybersecurity authorities are warning that widely used, open-source IT monitoring software called Centreon appears to have been hit by Russian hackers. But unlike the SolarWinds supply chain attack, in this campaign, attackers appear to have hacked outdated, unpatched versions of the software.
Bloomberg has stood firm on its controversial story from two years ago asserting that China implanted a tiny chip on motherboards made by Supermicro. But rather than proving its contention in a follow-up, it may have inflicted more reputational damage upon itself.
Remote business operations and distributed workforce has triggered an urgency for deploying new technologies, applications and cloud-native solutions. There is a lack of cohesion between threat response and implementing new security policies and configurations, and a resulting lack of essential context that shapes...
Securing your enterprise is no longer just about securing the network. Digital transformation, distributed workplaces, cloud migration, cloud-based apps - these sweeping changes have transformed security. It’s now crucial that you secure users, devices, apps, and data at the point of access.
The next evolution of...
It’s clear that in cyberspace individual companies are struggling to keep up against
the growing volume and sophistication of attacks, despite increasing investments.
There are no easy answers to cybersecurity, but we do know that a Collective Defense
strategy — where companies, sectors, states, and nations...