The U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) has added former DNC security chief Bob Lord to its roster of technical advisors.
Strike Security Scores Funding for ‘Perpetual Pentesting’ for SMBs
South American startup Strike Security has secured $5.4 million to fund an ambitious plan to disrupt the penetration testing and attack surface management business.
Many Industrial Firms Say Cybersecurity Systems Cause Problems to Operations
Despite an increase in cybersecurity incidents, many industrial organizations turn off security systems if they interrupt or otherwise impact operations, according to a global survey conducted earlier this year by Kaspersky.
Microsoft Patches 128 Windows Flaws, New Zero-Day Reported by NSA
Microsoft on Tuesday issued a warning for an in-the-wild zero-day attack hitting Windows users and raised eyebrows when it credited the U.S. government National Security Agency (NSA) with reporting the live exploitation.
OpenSSH Moves to Prevent ‘Capture Now, Decrypt Later’ Attacks
OpenSSH has joined the high-stakes fight to protect data from quantum computers.
The latest version of the widely used encryption and connectivity tool has been fitted with new features to prevent “capture now, decrypt later” attacks linked to advancements in quantum computing.
Several Companies Join Forces for New OT Cybersecurity Coalition
Several companies have joined forces to launch the Operational Technology Cybersecurity Coalition, which claims its goal is to help strengthen the defenses of industrial control systems (ICS) and critical infrastructure in the United States.
Academics Devise Side-Channel Attack Targeting Multi-GPU Systems
A group of academic researchers has devised a side-channel attack targeting architectures that rely on multiple graphics processing units (GPUs) for resource-intensive computational operations.
PCI Data Security Standard v4.0 Released to Address Emerging Threats
The PCI Security Standards Council (SSC), the organization that oversees the Payment Card Industry Data Security Standard (PCI DSS), this week announced the release of PCI DSS v4.0.
Checkmarx Finds Threat Actor ‘Fully Automating’ NPM Supply Chain Attacks
Threat hunters at Checkmarx on Monday raised an alarm after discovering a threat actor fully automating the creation and delivery of “hundreds of malicious packages” into the NPM ecosystem.
Chinese Hackers Seen Targeting Ukraine Post-Invasion
A known threat actor has launched what appears to be the first Chinese hacking attempts targeting Ukraine digital assets since the Russian invasion a month ago.