Security News

State and local governments will be required to spend a portion of nearly $1.9 billion in annual federal public safety grants on the fight against domestic extremism and improved cybersecurity, the Department of Homeland Security said Thursday. Secretary of Homeland Security Alejandro Mayorkas said it was the first time since the agency, which was created in response to the Sept. 11, 2001, terrorist attacks, had directed that domestic violent extremism be specified as a national priority in programs to help state and local law enforcement agencies respond to emergencies.

The murder of Washington Post columnist Jamal Khashoggi, which is said to be have been aided by digital surveillance, was ordered by the head of the Saudi Arabian government, US intelligence has publicly asserted. Last week, Uncle Sam's Office of the Director of National Intelligence released a statement fingering Crown Prince Mohammed bin Salman for orchestrating the killing, which a lawsuit claims was aided by tracking technology provided by spyware biz NSO Group.

I checked in with Morgan Wright, chief security advisor for SentinelOne, a cybersecurity provider; Chris Roberts, hacker in residence at Semperis, a cybersecurity provider; and Alexander García-Tobar, CEO and co-founder of Valimail, a secure email provider, to obtain their insights on what the new administration's cybersecurity priorities should be. As a leader in identity-based anti-phishing solutions, Valimail is particularly focused on email security best practices, as well as email security within the U.S. election infrastructure.

TikTok's Chinese parent company ByteDance has agreed to pay $92 million in a settlement to U.S. users who are part of a class-action lawsuit alleging that the video-sharing app failed to get their consent to collect data in violation of a strict Illinois privacy law. The federal lawsuit alleged that TikTok broke the Illinois biometric privacy law, which allows suits against companies that harvest consumer data without consent, including via facial and fingerprint scanning.

The US Federal Reserve suffered a massive IT systems outage today that prevented wire transfers, ACH transactions, and other services from operating. When performing a US wire transfer or ACH withdrawal/deposit, the transaction first goes through the Federal Reserve Bank systems who facilitate the transaction.

The US Federal Reserve suffered a massive IT systems outage today that prevented wire transfers, ACH transactions, and other services from operating. When performing a US wire transfer or ACH withdrawal/deposit, the transaction first goes through the Federal Reserve Bank systems who facilitate the transaction.

In what can only be described as a bad day for Boeing, not one but two of its planes suffered engine fire and began shedding parts along their respective flight paths. A Boeing 747-400 cargo plane flying from Maastricht Aachen airport in the Netherlands to New York on Saturday afternoon suffered an engine fire.

"It's really highlighted the investments we need to make in cybersecurity to have the visibility to block these attacks in the future," Anne Neuberger, the newly appointed deputy national security adviser for cyber and emergency technology said Wednesday at a White House briefing. President Joe Biden plans to release an executive order soon that Neuberger said will include about eight measures intended to address security gaps exposed by the hack.

The Center for Internet Security, a non-profit dedicated to securing IT systems and data, has announced the launch of free ransomware protection for US private hospitals through the Malicious Domain Blocking and Reporting service. "This capability can block the vast majority of ransomware infections just by preventing the initial outreach to a ransomware delivery domain," as CIS explains.

Insider breaches likely occur because most security solutions aren't equipped to defend a porous and scattered network. Cybercriminals are acutely aware of all the biases described above, so it becomes much more important to study how users interact with the network and design security strategies around it.