The U.S. needs to devise ways to counter Chinese cyber activity - including the theft of intellectual property and cyberattacks on government networks and critical infrastructure - that poses a direct threat to national security, according to those who testified at a Senate hearing this week.
Cybersecurity acquisitions continue at an intense pace, with Ivanti, Sophos, Deloitte Risk & Financial Advisory, Cerberus Sentinel and Feedzai all making moves to bolster their security portfolios.
A seemingly nonstop number of ransomware-wielding attackers have been granting tell-all media interviews. One perhaps inadvertent takeaway from these interviews is the extent to which - surprise - so many criminals use lies in an attempt to compel more victims to pay a ransom.
The Biden administration is attempting to build an international consensus on how to react to China's aggressive cyber actions, which is one reason why it held off sanctioning the country over attacks on vulnerable Microsoft Exchange servers, says Anne Neuberger, deputy national security adviser for cyber.
The National Security Agency and the Cybersecurity and Infrastructure Security Agency have released new guidance on Kubernetes security, providing advice on securing container environments from supply chain threats, insider threats and data exfiltration risks.
Infection numbers are surging in the southern U.S., states and cities are enacting new mask mandates and the fall flu season looms as the great unknown. Sound familiar? COVID-19 is back with the highly contagious Delta variant. Pandemic expert Regina Phelps discusses what that means for business recovery.
Researchers at Palo Alto Networks' Unit 42 say they have demonstrated how exploits of Microsoft Jet Database Engine vulnerabilities could lead to remote attacks on Microsoft Internet Information Services and Microsoft SQL Server to gain system privileges. Microsoft recently patched the flaws.
A congressional report examining eight federal agencies found that seven continue to improperly protect sensitive data and do not meet basic cybersecurity standards.
Chinese APT groups compromised networks of telecom providers across Southeast Asia in an effort to harvest customers' sensitive communications, according to Cybereason. As in other Chinese cyberattacks, these APT campaigns exploited flaws in Microsoft Exchange servers.
A consolidated class action lawsuit filed against mobile game developer Zynga after it suffered a 2019 data breach looks set to be handled instead via arbitration. A judge notes that users agreed to arbitration in the terms and conditions, and so far, they've failed to prove they suffered any financial harm.
Ransomware actors have taken a page from the playbooks of tech support scammers of yore by guiding victims to download malware through persuasion over the phone. Microsoft says the technique is more dangerous than it first realized.
A remote access Trojan is being distributed via download links for software or media articles on Telegram channels, according to researchers at AT&T Alien Labs.
Researchers at the security firm RiskIQ have uncovered about 35 active command-and-control servers connected with an ongoing malware campaign that has been linked to a Russian-speaking attack group known as APT29 or Cozy Bear.
Nearly three weeks ago, Iran's state railway company was hit with a cyberattack that was disruptive and - somewhat unusually - also playful. Security firm SentinelOne says analyzing the wiper malware involved offers tantalizing clues about the attackers' skills, but no clear attribution.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.