The Department of Treasury and the Cybersecurity and Infrastructure Agency are soliciting comments on whether risks to critical infrastructure from a catastrophic cyber attack - and the concurrent potential for ruinous financial exposure by insurers - should lead to a new federal approach.
Chat app WhatsApp patched two memory-related flaw that could be exploited by an attacker as a first step to installing smartphone malware on Android or Apple devices. WhatsApp vulnerabilities can be highly valuable to malicious actors.
Jamf plans to buy startup ZecOps to extend its ability to detect and respond to sophisticated threats across Mac, iOS and Android devices. Jamf's proposed acquisition will provide threat hunting tools to determine if any advanced attacks have compromised mobile devices.
California Gov. Gavin Newsom on Tuesday signed into law two bills containing privacy protections for information related to reproductive health and abortion, in the wake of the Supreme Court's ruling overturning Roe v. Wade. Other states may follow suit.
A congressional deal will ensure the U.S. Food and Drug Administration can continue collecting fees from medical device manufacturers but at the price of dropping increased cybersecurity mandates for the industry. Requiring manufacturers to patch devices had bipartisan support.
A phishing email led to the spread of the Cryptolocker Trojan inside the court system of Chile, adding to a growing list of cyber disruptions affecting the South American country. Court officials stressed that the virus was contained before it could disrupt judicial proceedings.
The U.S. federal agency responsible for the ongoing functionality of the nuclear weapons stockpile hasn't gotten its arms around how to secure operational technology, says the Government Accountability Office. More than 200,000 unique pieces of OT are deployed across nuclear weapon centers.
Too often when software developers change jobs, they take source code they've written with them, feeling the code belongs to them even if it belongs to an employer. Code42's Joe Payne shares the challenges of detecting source code theft and ways to protect intellectual property wherever it resides.
Financial services firms in Africa are becoming bigger cyber targets as they expand into new mobile payment and financial inclusion products. Rob Dartnall of Security Alliance explains why these firms need to invest in information sharing, training and new cybersecurity practices to avoid breaches.
Google has long embraced zero trust architecture, and Google Workspace comes with zero trust built into it. Andy Wen of Google discusses the zero trust journey, where he sees enterprises struggle, and how Google Workspace customers can take advantage of the inherent zero trust elements.
Perennial leaders Fortinet and VMware and a surging Cisco set themselves apart from the pack in SD-WAN, according to the latest Gartner Magic Quadrant. Fortinet and VMware again took the gold and silver in ability to execute, with Cisco leapfrogging both Versa and Palo Alto to capture the bronze.
In the latest weekly update, ISMG editors discuss the industrywide implications of a teenager hacking into Uber's internal systems, key trends in the new Gartner SD-WAN Magic Quadrant report, and how ethics and security culture are center stage due to recent CISO revelations at Uber and Twitter.
As budgets tighten in anticipation of economic hardships, cybersecurity threats only continue to grow. Bill Bernard, CISSP of Deepwatch, advises security leaders to consider how senior management and the board view cybersecurity and then adjust how you prioritize people, technology and managed services.
Configuration Management Databases (CMDBs) like ServiceNow are essential tools for IT decision making. They enable a variety of powerful workflows for managing and automating your IT and security controls.
But getting accurate, up-to-date asset records into the CMDB, is a significant challenge: it's a time-consuming...
The chief executive of Portugal's state-owned airline said she will not negotiate with hackers even as the Ragnar Locker ransomware-as-a-service group posted online the data of 1.5 million customers. "We hope you support us in this ethical attitude," said Christine Ourmières-Widener.