A newspaper reporter in Missouri who responsibly reported the exposure of Social Security numbers on a state government website has been accused of malicious hacking by the state's governor. The governor alleged the publication of the vulnerability after it was fixed was part of a "political vendetta."
In an effort to bolster endpoint protection within the U.S. government, the White House is ordering federal agencies to allow CISA to access existing deployments. It is also setting timelines for improving the protection of workstations, mobile phones and servers.
The Central Electricity Authority has released a new set of cybersecurity guidelines for the power sector, aimed at securing OT systems and building a resilient security framework. It mandates, among other things, that all power sector companies appoint a dedicated CISO to secure systems.
A congressional letter sent to the heads of four federal agencies expressed an urgent need for the Biden administration to continue combating ransomware. This includes a particular focus on the cryptocurrency infrastructure that is enabling these cyberattacks, four Democratic lawmakers say.
Criminal hackers don't break for lunches, weekends or holidays. Of course, that's just one of many challenges facing information security teams, as they attempt to maximize visibility and minimize complexity while protecting their business around the clock, says Peter Van Lierde, the CISO of energy firm Sibelga.
The number of breach reports filed by U.S. organizations looks set to break records, as breaches tied to phishing, ransomware and supply chain attacks keep surging, the Identity Theft Resource Center warns. It says that there's also been a rise in tardy breach notifications containing little detail.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the importance of product security, the impact of ransomware on healthcare sector entities during the pandemic and thinking about cybersecurity awareness creatively.
The U.S. Department of Justice said this week it will pursue government contractors that fail to report cybersecurity incidents. The department also announced the formation of a Cryptocurrency Enforcement Team to prosecute the misuse of virtual currencies.
The Singapore Cybersecurity Strategy 2021 names critical information infrastructure security as its top priority and aims to ensure the country’s cyber resiliency will be strong enough to tackle present-day security threats. The new strategy sets out requirements for CII and non-CII organizations.
Who had heard of Syniverse before it recently disclosed a five-year breach, potentially exposing call-routing data and text messages for hundreds of mobile phone networks? The incident is just the latest supply chain attack to hit a lesser-known but nevertheless critical service provider.
Some of the highest-ranking cybersecurity officials in the U.S. government discussed the pervasive threat of ransomware on Tuesday, likening it to a clear issue of national security with the ability to inflict measurable damage on major world powers.
As enterprises adopt DevOps practices and leverage CI/CD pipelines to increase their pace of innovation and accelerate their digital transformation, security becomes increasingly essential. Security teams work to avoid disjointed security systems and practices which delay putting applications into production, and...
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including why enterprises need a multilayered approach to securing identity, how fraud will evolve in 2022 and the need to secure backdoors to prevent ransomware attacks.
The latest edition of the ISMG Security Report features an analysis of how a cryptocurrency exchange bug has revealed North Korean monero laundering. Also featured are cyber insurance trends and cybercrime innovation.