The White House officially released its fiscal year 2022 budget proposal on Friday. The Biden administration is seeking to spend billions on cybersecurity, including $750 million for "lessons learned" from the SolarWinds attack. Officials also want to boost CISA's budget by $110 million.
You can see it in the latest high-profile attacks: Security requirements are ever more complex, exceeding the capacity of current protection capabilities. Enterprises need a new strategy for defending entry points, and Tom Sego of BlastWave believes he has it.
President Joe Biden signed an extensive executive order Wednesday that describes the government's plan to increase cybersecurity protection across the public and private sectors as well as secure the nation's infrastructure against the type of attack that targeted SolarWinds and its customers.
The NSA is offering operational technology security guidance for the Defense Department as well as third-party military contractors and others in the wake of the SolarWinds supply chain attack. The agency notes that attackers could use IT exploits to pivot to OT systems.
The latest edition of the ISMG Security Report features an analysis of whether the FBI removing malicious web shells from hundreds of compromised Microsoft Exchange Servers could set a precedent. Also featured is a description of an unusual fraud scam plus an update on security product development trends.
Attackers are targeting unpatched SAP applications, and the exploits could lead to the hijacking of the vulnerable systems, data theft and ransomware attacks, SAP and Onapsis Research Labs report. They note that patches for most of the flaws have been available for several years.
To deliver a secure infrastructure-as-code service, development teams must adopt a "shift left" strategy that brings all the applications and security under one umbrella to provide faster and continuous delivery of the fully automated code, according to Ori Bendet and Igor Markov of Checkmarx.
Cyberattacks can cause devastating
business disruptions and lead to
financial losses reaching hundreds
of millions of dollars.
The World Economic Forum’s 2020 Global Risk Report ranked
cyberattacks causing disruption to operations and critical infrastructure
among the top five increasing global risks....
French cybersecurity authorities are warning that widely used, open-source IT monitoring software called Centreon appears to have been hit by Russian hackers. But unlike the SolarWinds supply chain attack, in this campaign, attackers appear to have hacked outdated, unpatched versions of the software.
Our apps and services are expected to work quickly and seamlessly on any number of devices, from different kinds of networks and in different locations around the globe. Monitoring the infrastructure that supports those experiences - layers of interconnected technologies that become more complex every year - is key to...
Machine data is one of the most underused and undervalued assets of any organization, yet it contains powerful business and operational insights that can help you quickly diagnose service problems, detect advanced security threats and uncover the fingerprints of fraud.
Download this whitepaper to learn about:...
Independent bug hunters who find flaws in products and services often struggle to hand off their vulnerability report to someone in a position to get it fixed, says longtime security researcher Daniel Cuthbert. He describes steps organizations must take to be able to receive - and act on - bug reports.
A security researcher says voting equipment in the U.S. is still riddled with security flaws that opportunistic foreign adversaries could use to pose a threat to the November election. Meanwhile, the director of CISA calls Russian ransomware attacks one of the biggest threats to the election.