US government software suppliers must attest their solutions are secure
The Office of Management and Budget (OMB) has issued a memo requiring US federal government agencies to use software that has been built according to secure software …
Government guide for supply chain security: The good, the bad and the ugly
Just as developers and security teams were getting ready to take a breather and fire up the BBQ for the holiday weekend, the U.S.’s most prestigious security agencies (NSA, …
Cyberattacks on healthcare organizations negatively impact patient care
Cynerio and the Ponemon Institute have examined the current impact of cyberattacks on healthcare facilities and network-connected IoT and medical devices, and found multiple …
Phishers use custom phishing kit to hijack MFA-protected enterprise Microsoft accounts
An ongoing, large-scale phishing campaign is targeting owners of business email accounts at companies in the FinTech, Lending, Insurance, Energy and Manufacturing sectors in …
USA’s plan to build its cyber workforce, improve skills-based pathways to cyber jobs
On July 19, 2022, National Cyber Director Chris Inglis hosted the National Cyber Workforce and Education Summit at the White House. The event focused on building the cyber …
CISA and NPower offer free entry-level cybersecurity training
NPower, a US-based non-profit participating in a cybersecurity workforce development program started by the Cybersecurity and Infrastructure Agency (CISA), is looking for …
Clearview fine: The unacceptable face of modern surveillance
The UK’s Information Commissioner’s Office (ICO) has issued its third largest ever fine of £7.5m. It was imposed on Clearview AI, the controversial facial recognition company …
Automotive hose manufacturer hit by ransomware, shuts down production control system
A US subsidiary of Nichirin Co., a Japan-based company manufacturing and selling automotive hoses and hose parts, has been hit with ransomware, which resulted in the shut down …
Fake voicemail notifications are after Office365, Outlook credentials
A phishing campaign using fake voicemail notifications has been and is still targeting various US-based organizations, in an attempt to grab employees’ Office365 and …
The cyber posture of the U.S. Federal Government
Government agencies are prime targets for attack due to the sheer amount of sensitive information they possess. As today’s geopolitical landscape continues to become …
U.S. DOJ will no longer prosecute good-faith security researchers under CFAA
The U.S. Department of Justice announced the revision of its policy regarding charging violations of the Computer Fraud and Abuse Act (CFAA), which says that, among other …
US warns of North Korean hackers posing as IT freelancers
Companies and other organizations should be careful when employing IT freelancers, lest they end up hiring North Korean hackers. The advice comes from the US Department of …