IoT device manufacturer Ubiquiti revealed in a security notice that an attacker had attempted to extort money from the company following a December 2020 cyber incident - a fact not mentioned in the company's earlier notice about the attack.
The lack of automation and actionable threat intelligence may be preventing enterprises from developing the fully functional Cyber Fusion Centers they envision. Anomali's Mark Alba shares ideas on how to change that.
Four editors at Information Security Media Group discuss important cybersecurity issues, including dealing with attacks targeting the aging Accellion File Transfer appliance and taking steps to enhance employee authentication.
CISA is ordering federal executive branch agencies to rescan and recheck their networks by Monday for any signs of compromise related to the unpatched vulnerabilities in on-premises Microsoft Exchange email servers.
An Israeli citizen who served as the administrator of the now-shuttered DeepDotWeb portal that connected internet users with dark web marketplaces selling malware, data and contraband has pleaded guilty to a money laundering conspiracy charge.
The ODP Corp. reports in a Securities and Exchange Commission 8-K filing that it has suffered a loss of about $28 million due to a March 1 cyber incident at its business services and supplies subsidiary, CompuCom, that forced the company to shut down some of its operations.
VMware has issued patches for two critical vulnerabilities in its IT operations management platform, vRealize Operations, which, if expoited, could allow attackers to steal administrative credentials.
Projects with potential cybersecurity components included in the Biden administration's $2 trillion infrastructure spending proposal include upgrading the aging and insecure electrical grid, addressing supply chain vulnerabilities and supporting research on artificial intelligence and quantum computing.
The U.K. Cyber Security Council, a new self-regulatory body for the cybersecurity education and skills sector, is designed to help "close the skills gap," says Claudia Natanson, board chair.
The Iranian-linked threat group TA453, also known as Charming Kitten and Phosphorus, conducted a phishing campaign, dubbed "BadBlood," in late 2020 that targeted senior U.S. and Israeli medical researchers in an attempt to obtain their Microsoft Office credentials, according to Proofpoint.
Although SolarWinds has released a second round of patches for flaws in its Orion network monitoring platform that was targeted in a supply chain attack, some security experts say organizations need to go far beyond patching to manage the risks involved.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.