Security News

UK mulls making MSPs subject to mandatory security standards where they provide critical infrastructure
2022-01-20 17:15

NIS is the main law controlling security practices in the UK today. Currently a straight copy of the EU NIS Directive, one of the benefits of Brexit leapt upon by the Department for Digital, Culture, Media and Sport is the new ability to amend NIS's reporting thresholds.

Ukraine: Recent Cyber Attacks Part of Wider Plot to Sabotage Critical Infrastructure
2022-01-18 23:49

The coordinated cyberattacks targeting Ukrainian government websites and the deployment of a data-wiper malware called WhisperGate on select government systems are part of a broader wave of malicious activities aimed at sabotaging critical infrastructure in the country. "The attack used vulnerabilities in the site's content management systems and Log4j, as well as compromised accounts of employees of the development company," the SSU said, corroborating prior disclosure from the Ukraine CERT team.

International police shut down 15 server infrastructures as part of VPNLab.net's takedown
2022-01-18 17:01

Some 15 server infrastructures used by crims to prepare ransomware attacks were seized by cops yesterday as part of an international sting to take down VPNLab.net. The VPN provider's service gave users "Shielded communications and internet access" that was used in "Support of serious criminals acts such as ransomware deployment and other cybercrime activities," Europol said today.

The rising threat of cyber criminals targeting cloud infrastructure in 2022
2022-01-13 06:30

For threat actors, there is a simple calculus at play - namely, what method of attack is a) easiest and b) most likely to yield the biggest return? And the answer, at this moment, is Linux-based cloud infrastructure, which makes up 80%+ of the total cloud infrastructure. These attacks will undoubtedly continue into 2022 and potential targets parties must remain vigilant.

FBI, NSA and CISA Warns of Russian Hackers Targeting Critical Infrastructure
2022-01-12 02:47

Amid renewed tensions between the U.S. and Russia over Ukraine and Kazakhstan, American cybersecurity and intelligence agencies on Tuesday released a joint advisory on how to detect, respond to, and mitigate cyberattacks orchestrated by Russian state-sponsored actors. To that end, the Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and National Security Agency have laid bare the tactics, techniques, and procedures adopted by the adversaries, including spear-phishing, brute-force, and exploiting known vulnerabilities to gain initial access to target networks.

US govt warns of Russian hackers targeting critical infrastructure
2022-01-11 16:03

The FBI, CISA, and the NSA have warned critical infrastructure network defenders to be ready to detect and block incoming attacks targeting organizations from US critical infrastructure sectors, orchestrated by Russian-backed hacking groups. "In some cases, Russian state-sponsored cyber operations against critical infrastructure organizations have specifically targeted operational technology/industrial control systems networks with destructive malware."

Healthcare cloud infrastructure market size to reach $142 billion by 2028
2022-01-04 04:00

The global healthcare cloud infrastructure market size is expected to reach $142 billion by 2028, according to ResearchAndMarkets. The growing trend of healthcare digitalization, rising expenditures, overburdened health systems, rising traffic on the network, growing data siloes, and the emergence of remote working is contributing to the demand for healthcare cloud infrastructure systems and solutions.

Zero trust isn’t just for IT, it can also protect targeted critical infrastructure
2021-12-20 06:15

Let's examine some of the big challenges in OT security, and how zero trust can fix them. Zero trust is a security framework that assumes every user or device is a potential threat.

CISA warns critical infrastructure to stay vigilant for ongoing threats
2021-12-15 18:47

The Cybersecurity and Infrastructure Security Agency warned critical infrastructure organizations today to strengthen their cybersecurity defenses against potential and ongoing threats. "In the lead up to the holidays and in light of persistent and ongoing cyber threats, CISA urges critical infrastructure owners and operators to take immediate steps to strengthen their computer network defenses against potential malicious cyber attacks," the cybersecurity agency said [PDF].

Protecting your critical infrastructure is one thing…protecting your backups is the same thing
2021-12-03 19:43

If there's one thing we have a lot of, it's data. Veeam Software solution architect John Wood points out, "The data that you have today is obviously the most valuable data that you have."