A pair of House committees this week said they want to spend additional millions on cybersecurity by injecting funds into CISA and the FTC, as part of the debate over the Biden administration's $3.5 trillion budget proposal for 2022. Part of the money would help fulfill Biden's executive order.
The need to act fast and respond to risks and threats has never been greater. On average it takes 73 days to contain a breach, and the average total cost is $3.92 million. Since 2020, security got a whole lot harder. Cybercriminals ramped up activity, eager to capitalize on confusion and profit from the pandemic....
The top three tactics attackers have been using to break into corporate and government networks are brute-forcing passwords, exploiting unpatched vulnerabilities, and social engineering via malicious emails, says security firm Kaspersky in a roundup of its 2020 incident response investigations.
A bipartisan group of lawmakers wants to better insulate the director of CISA from political pressure by giving the role a defined five-year term that could keep the agency's leader in place even when presidential administrations change. Currently, the position of CISA director lacks a set term.
Security experts say the notorious REvil - aka Sodinokibi - ransomware-as-a-service operation, which went dark in July, appears to be back in business. The group's data leak site and payment portal are back online, and one expert says the group appears to have begun amassing new victims.
This guide provides a practical path to improved ransomware readiness through unified
infrastructure, backup and data-intelligence.
With over 75% of organizations expected to be targets of ransomware attacks between now
and 2025, a path toward ransomware resilience must become the new normal. Organizations hit...
In the 20 years since the Sept. 11, 2001, al Qaida terrorist attacks on targets in the U.S., the need to shore up critical infrastructure and build resilience into systems remains a priority. But over the past two decades, concerns about physical threats have been displaced by cyber concerns.
The possibility of a terrorist group launching a massive Sept. 11, 2001-scale cyberattack against the U.S. or an ally has been a concern for years, but cybersecurity pros with a background in intelligence and military affairs say such worries are likely unwarranted.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how ransomware affiliates change operators and why terrorists aren't launching massive cyberattacks.
The United Nations says its networks were accessed by attackers earlier this year, leading to follow-on intrusions. One cybercrime analyst reports that he'd alerted NATO after seeing access credentials for one of its enterprise resource planning software systems for sale via the cybercrime underground.
The latest edition of the ISMG Security Report features an analysis of the most sought-after type of victim for ransomware-wielding attackers. Also featured: fighting extortion schemes and stress management tips.
"Silence is gold." So says ransomware operator Ragnar Locker, as it attempts to compel victims to pay its ransom demand without ever telling anyone - especially not police. But some ransomware-battling experts have been advocating the opposite, including mandatory reporting of all ransom payments.
Despite a recent slowdown in incidents and some cybercriminals claiming they have stopped or abandoned ransomware attacks, National Cyber Director Chris Inglis says it's "too soon to tell," if the behavior of these groups has changed permanently or if they are waiting for an opportunity to return.
Apparent Babuk ransomware operation spinoff Groove, self-described as being an "aggressive financially motivated criminal organization," has launched as part of the new RAMP cybercrime forum, and is promising affiliates a bigger share of profits than traditional ransomware-as-a-service operations.
The White House is preparing executive branch agencies to adopt "zero trust" network architectures by 2024, with CISA and the OMB overseeing the creation of technology road maps that departments must follow. This is a major component of President Biden's cybersecurity executive order.