Security News > 2024 > February

The U.S. State Department said it's implementing a new policy that imposes visa restrictions on individuals who are linked to the illegal use of commercial spyware to surveil civil society...

NIST CSF is based on existing standards, guidelines, and practices for organizations to manage and reduce cybersecurity risk better. It was designed to foster risk and cybersecurity management communications amongst internal and external organizational stakeholders.

Today's pervasive cyberattacks are forcing the majority of companies to pay ransoms and break their 'do not pay' policies, with data recovery deficiencies compounding the problem, according to Cohesity. All respondents said they need over 24 hours to recover data and restore business processes, and just 7% said their company could recover data and restore business processes within 1-3 days.

In this article, we walk you through how to set up and use Enpass. For users looking at a password manager for their business, I suggest trying out the Enpass 14-day free trial for either the Starter or Standard Plan.

Google on Monday donated $1 million to the Rust Foundation specifically to improve interoperability between the language and C++. C++, a popular general purpose programming language, has arguably fallen out of fashion due to concerns over safety. Lars Bergstrom, director of Android platform tools and libraries and chair of the Rust Foundation Board, announced the grant and said that the funding will "Improve the ability of Rust code to interoperate with existing legacy C++ codebases."

With Enpass Individual, you get security alerts for website breaches and the ability to identify accounts with two-factor authentication. Yes, Enpass is a safe password manager to use in 2024.

Microsoft is investigating an issue that triggers Outlook security alerts when trying to open. ICS calendar files after installing December 2023 Patch Tuesday Office security updates.

Ivanti first disclosed the newest bug in the SAML component of of Ivanti Connect Secure and Ivanti Policy Secure appliances on January 31. "At the time of publication, the exploitation of CVE-2024-21893 appears to be targeted. Ivanti expects the threat actor to change their behavior and we expect a sharp increase in exploitation once this information is public - similar to what we observed on 11 January following the 10 January disclosure," Ivanti warned last week.

Secretary of State Antony J. Blinken announced today a new visa restriction policy that will enable the Department of State to ban those linked to commercial spyware from entering the United States. "The State Department is implementing a new policy today that will allow the imposition of visa restrictions on individuals involved in the misuse of commercial spyware," Blinken said.

Interview If you are responsible for infosec at a US hospital or other healthcare organization, and you treat the government's new "Voluntary" cybersecurity performance goals as, well, voluntary, you're ignoring the writing on the wall. "If you buy into the fact that voluntary doesn't mean you have to do something, you are probably going to be wrong. Voluntary goals become mandatory, and that has usually been the case with other rulemaking in healthcare as it relates to security."