Lawmakers on the House Committee on Financial Services this week announced nine provisions of its America COMPETES Act of 2022 - one of which has been criticized by cryptocurrency proponents for potential privacy and due process concerns.
U.S. Security and Exchange Commission Chair Gary Gensler wants to broaden cybersecurity regulations. Among his concerns are the rising threat of cyberattacks due to the tensions between Russia and Ukraine, and a need to harmonize communications between financial firms and third-party vendors.
CISA and the EPA today announced the Industrial Control Systems Cybersecurity Initiative, a 100-day cybersecurity plan to safeguard water and wastewater systems. Officials say their action plan "focuses on high-impact activities that can be surged to safeguard water resources."
A proposed class action lawsuit has been filed against Ohio-based Memorial Health System in the wake of a ransomware attack last August that reportedly involved the Hive cybercriminal gang, resulting in a health data breach affecting nearly 216,500 individuals.
Britain's National Cyber Security Center has launched a trial vulnerability management project called Scanning Made Easy, designed to empower small and midsize organizations to identify if critical software flaws are present in their IT infrastructure, so they can be targeted for remediation.
Lisa Young prepares security teams to protect and defend their organizations from cybercriminals by seeing the things that others miss and asking the questions that others are too afraid to ask. She discusses how critical thinking improves cybersecurity.
U.K. local authorities are to receive 37.8 million pounds from the government to boost cyber resilience in essential public services, and a Government Cyber Coordination Center is being established under a new U.K. Cyber Security Strategy announced this week.
The risks posed by Apache Log4j continue, as a previously seen initial access broker group with the codename Prophet Spider IAB appears to be targeting vulnerabilities in Apache's logging utility to infiltrate the virtualization solution VMware Horizon, researchers at BlackBerry warn.
Following a trend seen in similar cases, a proposed settlement in a class action lawsuit filed against health insurer Excellus in the wake of a cyberattack discovered in 2015 that affected 10.5 million individuals calls for the company to bolster its security.
OMB on Wednesday released a federal strategy to move the U.S. government toward mature zero trust architectures. White House officials say the new strategy - with a focus on MFA, asset inventories, traffic encryption, and more - is a key step in delivering on Biden's May 2021 executive order.
Despite Western governments' increased focus on disrupting ransomware, the quantity of new victims doesn't appear to have declined, at least so far. But multiple experts say that nation-state efforts to combat cybercrime syndicates are still picking up speed and may well yet have an impact.
A hacktivist group named Belarusian Cyber-Partisans says it has successfully attacked the country's railroad systems and encrypted some servers, databases and workstations to disrupt its operations. The group says its aim is "preventing the presence of Russian troops on the territory of Belarus."
As tensions continue to flare between Ukraine and Russia, which has amassed at least 100,000 troops along Ukraine's eastern border, the U.S. continues to mull intervention, a part of which includes bolstering Ukraine's cyber defenses. This comes as experts warn that cyberwarfare could play an increasingly significant...
SLC Lab, a Florida county laboratory that performs drug testing, is notifying thousands of individuals of a web portal misconfiguration incident that left sensitive information accessible to others for more than four years. How can other entities avoid such incidents?
The security world continues its fight against potential widespread exploitation of the critical remote code execution vulnerability - tracked as CVE-2021-44229 - in Apache's Log4j software library, versions 2.0-beta9 to 2.14.1, known as "Log4Shell" and "Logjam." This is a digest of ISMG's updates.