Former Obama White House cybersecurity official Chris DeRusha has been appointed federal CISO by the Biden administration after having served as CISO for the Biden campaign. He joins a number of newly appointed officials who will have cybersecurity oversight.
Does your organization have a plan in place if one of your employees is accused of being an insurrectionist? If your software was being used to spread plans for a riot, could you detect that? Threat modeling expert Adam Shostack discusses how companies should be prepared to respond to issues in the news.
A recently discovered 10-year-old bug, if exploited, could give hackers root access to vulnerable Linux and Unix operating systems, according to Qualys. Security experts are urging users to immediately implement a patch to mitigate the risk.
With ransomware continuing to fuel a massive surge in illicit profits, some experts have been calling on governments to launch offensive hacking teams to target cybercrime cartels. They're also calling for a review of cyber insurance payouts being used to fund ransoms.
A targeted phishing campaign is using a fake Microsoft Office 365 update to steal email credentials from business executives, and the credentials are then being offered for sale in underground forums, security firm Trend Micro reports.
Norway's privacy watchdog has proposed fining location-based dating app Grindr nearly $12 million after finding that it violated Europeans' privacy rights by sharing data with many more third parties than it had disclosed.
More breach victims are emerging as a result of exploits of an unpatched vulnerability in an aging file transfer application from Accellion. The latest announcement comes from the Australian Securities and Investments Commission, which says recent credit license applications were accessed.
North Korean hackers have been "targeting security researchers working on vulnerability research and development at different companies and organizations" to trick them into installing backdoored software that gives attackers remote access to their systems, warns Google's Threat Analysis Group.
When he co-founded the firm Beyond Identity in 2020, serial entrepreneur Jim Clark said he felt somewhat responsible for the proliferation of passwords. Now he and partner Tom Jermoluk are doing something about it. They are providing access to their passwordless technology for free. Clark explains why.
Police in the Netherlands have arrested two health ministry workers for allegedly stealing COVID-19 patient data from the agency's systems and offering it for sale online.
The SolarWinds supply chain compromise has raised questions over how to detect software that has been tainted during the vendor's development and build process. A concept called verified reproducible builds could help, says David Wheeler of the Linux Foundation.
Today's networks are transforming digitally before our eyes. Organizations across the globe are either cloud-first or cloud-next, and are moving their workforce, workplace, and workloads to cloud service applications and infrastructure.
Good news on the cybercrime front: "Cryptocurrency-related crime fell significantly in 2020," compared to 2019, reports blockchain analysis firm Chainalysis. Unfortunately, in the same timeframe, ransomware profits surged 311%, stoking calls for a crackdown on ransom payments.
It's an increasingly common story: Live Oak Bank was growing its cloud footprint and had specific needs for a cloud security provider. Bank CISO Thomas Hill is joined by Orca Security CEO Avi Shua to detail the case study and key lessons learned.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.