The World Bank has launched a cybersecurity fund for low- and middle-income nations to support public sector efforts to conduct cybersecurity maturity assessments, offer technical assistance and support training and staff development.
The latest edition of the ISMG Security Report features an analysis of the cybercrime-as-a-service model and how law enforcement could potentially disrupt it. Also featured: T-Mobile probes a massive data breach; tackling abuse in the workplace.
T-Mobile USA says its massive data breach is worse than it first reported: The count of prepaid and postpaid customers whose information was stolen has risen to 14 million. Also revised upward: its count of 40 million exposed credit applications from former customers and prospects.
Following a breach of some of its servers in January 2020, the U.S. Census Bureau failed to follow standard cybersecurity practices, including properly maintaining logs of the incident to assist in an investigation, according to an inspector general's report made public this week.
A Nigeria-based ransomware gang is conducting a campaign that dangles a $1 million bribe - or a portion of any ransom collected - to employees of targeted organizations if they will install DemonWare ransomware on their corporate network.
On one hand, rapid cloud migration has been a boon to financial services organization. But it's also exposed some security weaknesses. Mark Guntrip of Menlo Security days it's time to "defend differently," and the zero trust model is one critical element of that new approach.
The Brazilian government has confirmed that its National Treasury fell victim to a ransomware attack on Aug. 13. The scope of the incident remains unclear, although officials say it did not damage structural systems.
Israel-based digital intelligence company Cellebrite is halting sales to Bangladesh, citing human rights concerns. The move comes after the U.N. on Friday called for a moratorium on the sale of "life-threatening" surveillance technology, singling out Israel's NSO Group for criticism.
The Executive Order on Improving the Nation’s Cybersecurity issued on May 12, 2021 requires federal agencies to develop a plan to adopt Zero Trust architectures within 60 days and multi-factor authentication within 180 days. With the increasing cyber attacks toward all areas of government, the executive order should...
It's unlikely that the U.S. abandoning its embassy and other facilities in Afghanistan poses cyber risks, thanks to the emergency planning that was already in place, some security experts say.
Although the federal information blocking rule spells out practices that are not considered violations of the regulation, healthcare entities must carefully assess the validity of privacy or security concerns before denying access, exchange or use of patient data, says attorney Adam Greene.
Scientists from the University of Maryland and the University of Colorado Boulder say they have discovered a new way that attackers could launch reflected denial-of-service amplification attacks over TCP by abusing middleboxes and censorship infrastructure.
When is a data exposure not just a data exposure? According to a U.S. Securities and Exchange Commission order, education publishing giant Pearson misled investors when it failed to proactively inform them that attackers had stolen millions of rows of student information, including poorly hashed passwords.
The ransomware attack that targeted Colonial Pipeline Co. in May compromised the personal information of more than 5,800 individuals, mainly current and former employees, according to a breach notification letter.
Initial access brokers continue to sell easy access to networks. Given the uptake of such access by ransomware operations over the past year, one surprise is that relatively few individuals appear to be serving as brokers, which, of course, makes them an obvious target for law enforcement authorities.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.