President Joe Biden says the Russian government was not behind the ransomware attack that struck Colonial Pipeline Co. May 7, but he said attackers living in Russia were involved.
CISA is investigating whether five U.S. government agencies may have been breached when attackers exploited vulnerabilities in Pulse Connect Secure VPN products, according to a senior official. Security researchers believe that at least two nation-state groups have been attempting to exploit these flaws.
Several bipartisan congressional initiatives are seeking to expand the mission of the U.S. Cybersecurity and Infrastructure Security Agency. Here's a rundown of the details.
The FBI and CISA are warning of continued cyberthreats stemming from Russia's Foreign Intelligence Service, or SVR, which the Biden administration formally accused of carrying out the SolarWinds supply chain attack. A joint alert describes how Russian attackers are targeting vulnerable networks.
While the Biden administration is betting that the latest round of sanctions aimed at Russia and its economy will help deter the country's cyber operations, several U.S. agencies used the sanctions announcement as an opportunity to pull back the curtain on the tactics of Russia's Foreign Intelligence Service.
The Biden administration has formally sanctioned Russia over the cyber operation that targeted SolarWinds and its customers as well as the disinformation campaign against the 2020 U.S. elections. The NSA and other agencies also attributed the SolarWinds attack to Russia's Foreign Intelligence Service, or SVR.
Now that the Federal Reserve has issued a definition for synthetic ID fraud, fraud-fighting efforts likely will improve because it will be easier to identify red flags, some security experts say.
China, Russia, North Korea and Iran continue to pose significant cybersecurity threats to the U.S. because each is capable of launching disruptive attacks, according to a report published Tuesday by the Office of the Director of National Intelligence.
Two senators are pressing the Department of Homeland Security to explain why its Einstein system failed to detect the SolarWinds supply chain breach that affected agencies as well as corporations.
Cybersecurity weaknesses persist throughout the U.S. Department of Energy's unclassified networks, including those of the National Nuclear Security Administration, according to an inspector general audit.
CISA and the FBI warn in a new alert that unidentified nation-state actors are scanning for three vulnerabilities in Fortinet's operating system, FortiOS, to potentially target government agencies and companies for cyberespionage.
A Kansas man faces federal charges for allegedly accessing the network of a local water treatment facility and tampering with the systems that control the cleaning and disinfecting procedures, according to the Justice Department. The charges follow a similar security incident at a Florida facility.
Synthetic identity fraud is a pervasive yet ill-defined crime – hard to define as well as to detect. Greg Woolf of FiVerity discusses a recent initiative by the Federal Reserve in Boston to better define and therefore better manage SIF.
CISA is ordering federal executive branch agencies to rescan and recheck their networks by Monday for any signs of compromise related to the unpatched vulnerabilities in on-premises Microsoft Exchange email servers.
NIST has drafted guidelines for how to use its cybersecurity framework to address cyberthreats and other security issues that can target state and local election infrastructure and disrupt voting.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.