Eleven U.S. senators are raising concerns about the Department of Energy's cybersecurity readiness as the department continues to investigate a breach related to the SolarWinds supply chain attack.
Four editors at Information Security Media Group review the latest cybersecurity issues, including Microsoft Exchange server hacks, insider threat management and implementing a "collective defense."
The SolarWinds supply chain attack demonstrates that Russian intelligence services have learned from previous operations and adjusted their tactics, says Dmitri Alperovitch, the former CTO of security firm CrowdStrike, which investigated Russian interference in the 2016 election.
The SolarWinds attack has cybersecurity leaders everywhere taking a hard look at third-party risk. But it’s one thing to have a fresh strategy and quite another to actually start holding vendors accountable for their own security. Jonathan Swanson of CyberGRX offers advice.
Attackers are exploiting a critical remote code vulnerability in F5 Networks' BIG-IP server network traffic security management platform, for which the company released patches on March 10. The vulnerability is considered highly critical.
If recent attacks have taught anything, it’s that defenses are insufficient, and no entity can stand alone against the forces of nation-state adversaries. It’s time for enhanced data sharing under the umbrella of collective defense, says Brett Williams, co-founder of IronNet Cybersecurity.
Four editors at Information Security Media Group - Tom Field, Anna Delaney, Mathew Schwartz and Tony Morbin - review this week’s most important cybersecurity developments, from nation-state threats and supply chain risk, to combating ransomware and adopting a zero trust strategy.
In light of recent supply chain attacks, many organizations need to improve mitigation of the risks posed by their vendors, says Tony Cook, head of threat intelligence at GuidePoint Security.
Citing national security concerns, the Federal Communications Commission is moving forward with legal proceedings to ban three Chinese-owned companies from providing telecommunications services in the U.S.
U.S. intelligence agency reports conclude that Russia and Iran tried to interfere in the 2020 presidential election via disinformation campaigns, but found "no indication that any foreign actor attempted to alter any technical aspect of the voting process," including voting results.
Hacking incidents - including ransomware attacks, phishing scams and episodes involving vendors - are still the dominant culprits in major health data breaches being reported to federal regulators so far this year. Why?
John Matherly, founder of Shodan, a search engine that can find devices connected to the internet using a variety of filters, explains why some cyber insurers and companies considering mergers and acquisitions are using the search engine to probe for network vulnerabilities.
Russian hackers apparently weren't the only ones targeting SolarWinds customers. An attack last year by the Spiral hacking group, believed to be based in China, against one organization used malware that targeted a vulnerability in SolarWinds' Orion software, according to the Secureworks Counter Threat Unit.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.