This report analyzes how sanctions levied against Russia and Belarus for the invasion of Ukraine are affecting security researchers in those countries who participate in bug bounty programs. It also examines lessons to be learned from data breaches and developments in passwordless authentication.
On Tuesday, Ireland's Data Protection Commission imposed an $18.6 million penalty on tech firm Meta. That same day, the privacy watchdog was sued by a member of the nonprofit Irish Council for Civil Liberties over its "prolonged inaction" in the Google data breach case.
Russian state-sponsored threat actors are exploiting default MFA protocols, along with PrintNightmare, the Windows Print Spooler vulnerability, to illegally access the network of a nongovernmental organization, the U.S. Cybersecurity and Infrastructure Security Agency and the FBI say.
War in Ukraine continues into its third week, and Russia is closing in on major Ukrainian cities, upping its targeting of civilian infrastructure. In the U.S., cybersecurity officials continue to urge a "Shields Up" approach - while the digital conflict has devolved deeply into the underground.
A Tennessee pediatric hospital is dealing with a cyber incident disrupting patient services, and a Missouri medical center and Colorado cardiology group have reported breaches linked to their recent security events. Experts say these are reminders of the threats facing healthcare sector entities.
It is critical for medical device manufacturers to take a threat modeling approach early in a product's design stage, say MITRE medical device cybersecurity experts Margie Zuk and Penny Chase, co-authors of the recently released Playbook for Threat Modeling Medical Devices commissioned by the FDA.
What should be in the upcoming executive order to control identity theft in pandemic relief programs? John Buzzard, lead fraud and security analyst, Javelin Strategy & Research; Frank McKenna, chief fraud strategist, PointPredictive; and Jake Emry, fraud prevention SME, NICE Actimize; share ideas.
Sanctions levied against Russia and Belarus for the invasion of Ukraine are affecting security researchers signed up with bug bounty platforms, which can no longer legally make payments. A researcher in Belarus says he's locked out from accessing $25,179 in his HackerOne account.
We look at cybersecurity largely focused on the immediate future. But educator Gary Henderson says we need to look a little further ahead. He makes the case for educating teachers about cybersecurity so they can educate their students, who can then go on to use those best practices in their careers.
On Monday night, Israeli government websites including those of the prime minister and the ministries of Interior, Health, Justice, and Welfare, went offline. The Israel National Cyber Directorate confirmed a massive DDoS attack against a communications provider, resulting in temporary access loss.
With the ground war worsening in Ukraine, lawmakers in the U.S. are seeking guidance from DHS on ways to continue fortifying U.S. cyber defense. The move comes as some cyber experts predict an ultimate escalation in Russia's malicious cyber activity targeting Ukraine or NATO member networks.
As the Russia-Ukraine war continues, healthcare sector entities need to be prepared to deal with potential spillover cyber incidents, says Anahi Santiago, CISO of ChristianaCare, the largest healthcare delivery organization in the state of Delaware. She discusses current cyber challenges.
A proposed class action lawsuit against a Montana-based healthcare organization after a recent hacking incident affecting 214,000 individuals - the entity's second significant breach since 2019 - alleges, among other claims, that the entity was negligent when it failed to protect sensitive data.
International hacking collective Anonymous reportedly hacked the German subsidiary of Russian energy company Rosneft on Monday, die Welt newspaper says, citing the country's cybersecurity watchdog, the Federal Office for Information Security.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.