PRESS RELEASE
Washington, D.C. – U.S. Senator Ron Wyden, D-Ore., with Sens. John Fetterman, D-Penn., and Bill Cassidy, R-La., today introduced the Enhanced Cybersecurity for SNAP Act to upgrade the security of electronic benefit cards and protect families in need from thieves that have stolen millions worth of essential food benefits. …
Nation-state cyber threat groups are once again turning to USBs to compromise highly guarded government organizations and critical infrastructure facilities.
Having fallen out of fashion for some time, and certainly not helped by COVID lockdowns, USBs are once again proving an effective way for high-level threat actors to physically bypass security at particularly sensitive organizations.…
The volume of cyberattacks and online throats continually growing is helping to make getting cyber insurance the norm for many organizations. While insurance has typically been something the organization’s board of directors worked on with the CFO, the technical nature of cyber risk means the CISO is increasingly being asked to be part of the conversation.…
After US election integrity and security took center stage as a political football after the 2020 Presidential race, the Cybersecurity and Infrastructure Security Agency (CISA) is doing what it can to dispel security concerns around this year’s trip to the polls.
CISA officials said on Super Tuesday that the agency has set up an Election Operations Center in its Arlington, Va.,…
A 20-year-old Trojan resurfaced recently with new variants that target Linux and impersonate a trusted hosted domain to evade detection.
Researchers from Palo Alto Networks spotted a new Linux variant of the Bifrost (aka Bifrose) malware that uses a deceptive practice known as typosquatting to mimic a legitimate VMware domain, which allows the malware to fly under the radar.…
COMMENTARY
Artificial intelligence (AI) is challenging our preexisting ideas of what’s possible with technology. AI’s transformative potential could upend a variety of diverse tasks and business scenarios by applying computer vision and large vision models (LVMs) to usher in a new age of efficiency and innovation.…
A targeted watering-hole cyberattack linked to a Chinese threat group infected visitors to a Buddhism festival website and users of a Tibetan language translation application.
The cyber-operations campaign by the so-called Evasive Panda hacking team began September 2023 or earlier and affected systems in India, Taiwan, Australia, the United States, and Hong Kong, according to new research from ESET.…
COMMENTARY
Although it wasn’t called biometrics at the time, a rudimentary form of the technology emerged in 1901 when Scotland Yard adopted fingerprint classification to identify criminal suspects. The biometrics field has come a long way in the more than 120 years since then.
Public and private sector organizations now use it to identify and authenticate individuals to grant access to computer systems, such as laptops and tablets, and enterprise applications such as human resources or customer relationship management systems.…
Cybercriminals have developed an enhanced version of the infamous GhostLocker ransomware that they are deploying in attacks across the Middle East, Africa, and Asia.
Two ransomware groups, GhostSec and Stormous, have joined forces in the attack campaigns with double-extortion ransomware attacks using the new GhostLocker 2.0 to infect organizations in Lebanon, Israel, South Africa, Turkey, Egypt, India, Vietnam, and Thailand, as well as other locations.…
If you thought the software supply chain security problem was difficult enough today, buckle up. The explosive growth in artificial intelligence (AI) use is about to make those supply chain issues exponentially harder to navigate in the years to come.
Developers, application security pros, and DevSecOps professionals are called to fix the highest risk flaws that lurk in what seems like the endless combinations of open source and proprietary components that are woven into their applications and cloud infrastructure.…
A phishing kit dubbed CryptoChameleon has been discovered targeting cryptocurrency platforms, including employees of Binance and Coinbase — as well as the Federal Communications Commission (FCC).
According to an analysis from Lookout, the victims primarily use Apple iOS and Google Android devices with single sign-on (SSO) solutions, including Okta, Outlook, and Google.…
COMMENTARY
Long before I was a cybersecurity manager, I was an individual contributor. I made many mental notes for myself about what I liked and saw that worked well for teams to gel and thrive. I also experienced, lived through, and survived tougher situations, where a manager was not understanding his or her team 100% — and, thus, could not inspire them, let alone rise above day-to-day challenges.…
Most major economies in Africa experienced fewer overall cyber threats in 2023, but there were some dramatic exceptions: Kenya suffered a 68% rise in ransomware attacks, while South Africa saw a 29% jump in phishing attacks targeting sensitive information.
The overall trend is one of change.…
PRESS RELEASE
ORANGE COUNTY, Calif. and RICHMOND, Va., Feb. 28, 2024 /PRNewswire/ — Troutman Pepper has formalized an Incidents + Investigations Team that caters to a growing need for comprehensive legal services around data breaches and cybersecurity incidents. Comprising attorneys from coast-to-coast, the team offers clients 24/7 support in this critical area.
“The team tackles the legal, security, and communication challenges that companies encounter during a data or cybersecurity incident,” said Partner Sadia Mirza, co-leader of the Incidents + Investigations Team.…