Security News
US Cyber Command chief General Paul Nakasone said has revealed the agency he leads conducted nine "Hunt forward" operations last year, sending teams to different counties to help them improve their defensive security posture and hunt for cyberthreats. These missions provide "Security for our nation in cyberspace," said Nakasone, who is also director of the National Security Agency, during a Summit on Modern Conflict and Emerging Threats at Vanderbilt University.
Spain's prime minister and defense minister are the latest elected officials to detect Pegasus spyware on their mobile phones, according to multiple media reports quoting Spanish authorities. During a press conference on Monday, Félix Bolaños, the minister for the presidency, told reporters that cellphones of Spanish prime minister Pedro Sánchez and defense minister Margarita Robles were both infected by NSO's notorious surveillance software last year.
Ransomware operators have reimagined their business model with ransomware as a service, selling related services to other attackers through membership, subscription or customization. Learning from advanced persistent threat campaigns, threat actors are customizing ransomware attacks by using highly experienced attack teams that hit targeted victims with APT-like precision and capability.
CIS relies on the contributions of these passionate industry experts to create and maintain the CIS Benchmarks. To start these new mappings, CIS focused on two of the most downloaded CIS Benchmarks - Microsoft Windows 10 and Red Hat Enterprise Linux 7 - and drilled in to MITRE ATT&CKtechniques.
The US Department of Energy has announced that it will provide $12 million in funding to six university teams to develop defense and mitigation tools to protect US energy delivery systems from cyberattacks. Cybersecurity tools developed as a result of the six university-led research, development, and demonstration projects will focus on detecting, blocking, and mitigating attempts to compromise critical controls within the US power grid.
The number of phishing attacks worldwide jumped 29 percent last year as threat actors countered stronger enterprise defenses with newer methods, according to researchers with Zscaler's ThreatLabz research team. While the United States remained the country with the most phishing attempts, others are seeing faster growth in the number of incidents - exploiting new vectors like SMS and lowering the barrier of entry for launching attacks through pre-built tools made available on the market.
With risks accelerating in volume and variety, AMD belives that meaningful protection for today’s PCs require a carefully layered approach that relies on best-in-class security controls and...
In a September 2021 report from the nonprofit Cloud Security Alliance, nearly 70 percent of respondents - comprising 1,090 IT and security professionals - reported that their company's cloud security, IT operations and developer teams are misaligned on security policies and/or enforcement strategies. March 2021: The arts-and-crafts retailer Hobby Lobby left 138GB of sensitive customer information, source code for the company's app, and employee names and email addresses open to the public internet because of a cloud misconfiguration in its Amazon Web Services cloud database.
The war in Ukraine is in the second month of bloodshed and the broader impact of the conflict is being felt across the globe, as markets react to increased fuel prices and the consequences of Russia's growing political and economic isolation. The modus operandi of NATO leaders has been to contribute military and humanitarian aid to the Ukrainian government, while remaining below the threshold of direct engagement with Russia - a situation where the possibility of an escalation towards nuclear confrontation is evident in both the Kremlin's rhetoric and Russian doctrinal support for the use of nuclear munitions to end conventional conflict.
The CIS Controls are a set of 18 prioritized actions and 153 defensive measures known as Safeguards. The CIS Community Defense Model v2.0 was created to help answer that and other questions about the value of the Controls based on threat data from leading industry reports.