Unencrypted cookies tied to a suite of secure gateway technology from F5 are gateways for hackers to reach internal devices on corporate networks, warns the Cybersecurity and Infrastructure Security Agency. BIG-IP uses persistent cookies as a traffic load-balancing convenience.
An attempt by the California statehouse to tame the potential of artificial intelligence catastrophic risks hit a roadblock when Governor Gavin Newsom vetoed the measure late last month. One obstacle is lack of a widely-accepted definition for "catastrophic" AI risks.
While a Ransomware Task Force study of 2023 ransomware group disruptions finds they're often "tactical and temporary," report co-author Taylor Grossman said recent, major law enforcement actions may "really strategically pull them apart and make it harder for them to regroup."
When Norman Kromberg looks back over his career as a security leader and IT audit specialist, understanding threats and vulnerabilities was just part of the reason for his success. A major factor was - and still is - understanding the business side of the organization.
The Department of Defense is set to implement significant changes to the Cybersecurity Maturity Model Certification program, effective October 15, streamlining compliance for contractors by introducing a tiered system while enhancing security standards.
The European Council on Thursday adopted security-by-design regulation that makes patching and vulnerability updates mandatory for connected devices. The regulation will ensure that "products with digital components are made secure throughout the supply chain and throughout their life cycle."
A British cybersecurity official touted Operation Cronos, an international operation against LockBit, saying multiple strikes aimed at the ransomware-as-a-service have disrupted its ability to recruit hackers. The operation has resulted in indictments, sanctions, and server takedowns.
General hospitals in New York State must now report cyber incidents to state regulators within 72 hours under new cybersecurity requirements that went into effect on Oct. 2. The hospitals have until next fall to comply with a long list of other security mandates, including appointing a CISO.
Foreign threat actors are using generative artificial intelligence to influence U.S. elections, but their impact is limited, said OpenAI. Threat actors from China, Russia, Iran, Rwanda and Vietnam maliciously used AI tools to support influence operations.
Relyance AI raised $32 million in Series B funding to grow its data governance platform. The funds will be used to scale operations, enhance real-time data visibility, and support enterprises in complying with complex global privacy regulations, ensuring responsible AI adoption across industries.
The Social Security Administration is facing criticism for failing to update its fraud prevention technology, leaving financial institutions and federal authorities at risk of missing synthetic identity scams, according to a new Government Accountability Office report.
This week, the Global Signal Exchange hopes to dent online crime, a Fidelity data breach, phishing platform targets Microsoft 365 users, October Patch Tuesday, Pavel Durov said he's always cooperated with police, Highline Public Schools and CreditRiskMonitor updates, ADT and Casio suffered breaches
This week, Australia seized crypto from alleged Ghost mastermind, Taiwan drafts new AML rules, IcomTech founder sentenced, U.S. looks to recover stolen crypto, EigenLayer's erroneous fund transfer, FTX's bankruptcy plan approved, Bitfinex hack update and regulatory push for a lawsuit against Nvidia.
The nonprofit Internet Archive has been hit by hackers, who stole usernames and for 31 million accounts, including email addresses and bcrypt-hashed passwords. In recent days, the digital archive has also suffered defacement and repeat denial-of-service attacks.
Swiss utility giant Centralschweizerische Kraftwerke has transformed its legacy operational communication network with a hybrid multiservice platform. Yann Gosteli, head of secondary systems at CKW, shares how the company has built an operationally efficient network infrastructure.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.