EDR deployments will be underway at more than half of federal civilian agencies by the end of September, according to federal officials. CISA is currently in the process of deploying EDR across 26 federal civilian agencies and expects to have work underway at 53 agencies by Sept. 30, 2022.
The latest edition of the ISMG Security Report reviews the latest cyber resilience "call to action" from the White House and also explores authentication provider Okta's failure to inform hundreds of customers in a timely manner that their data could have been stolen by the Lapsus$ group.
If Russia uses hack attacks to support its invasion, would Western governments want to immediately attribute those attacks or disruptions? Enter a Thursday alert from the U.S. government warning that it is "aware of possible threats to U.S. and international satellite communication networks."
With Ukraine having called on the world to join its "IT Army" and help it hack Russia and ally Belarus, what could possibly go wrong? For starters, launching distributed denial-of-service attacks - at least from outside Ukraine - remains illegal and risks triggering an escalation by Moscow.
As Western cybersecurity officials warn that Russia's Ukraine invasion poses an elevated cybersecurity risk to all, kudos to Cloudflare, CrowdStrike and Ping Identity for offering free endpoint security and other defenses to the healthcare sector and power sectors, for at least four months.
As Russia's ground invasion and air assault against Ukraine continues, so too do online attacks being launched against Ukrainian targets. A Ukrainian cybersecurity official says his country is fighting the first-ever "hybrid war" that bridges both the physical and online realms.
As Russia's invasion of Ukraine continues, what should global CISOs and security teams do to ensure that their organizations stay protected? Beyond following cybersecurity agencies' guidance, experts offer advice on how to brief the board of directors, appeal for resources, support teams and more.
With a Russian invasion of Ukrainian territory now ensuing, Ukraine's network defenders say they've prepared to safeguard critical assets, which are now centrally stored in its capital, Kyiv. Only time will tell whether Russian troops advance toward the city.
Russian troops invaded Ukraine after Russian President Vladimir Putin recognized the independence of two pro-Russia regions. But it's not clear if that military incursion alone will trigger strong sanctions by the U.S. and NATO allies or be backed by cyberattacks that target Ukraine or its allies.
Britain's National Cyber Security Center has launched a trial vulnerability management project called Scanning Made Easy, designed to empower small and midsize organizations to identify if critical software flaws are present in their IT infrastructure, so they can be targeted for remediation.
OMB on Wednesday released a federal strategy to move the U.S. government toward mature zero trust architectures. White House officials say the new strategy - with a focus on MFA, asset inventories, traffic encryption, and more - is a key step in delivering on Biden's May 2021 executive order.
Has the notorious REvil, aka Sodinokibi, ransomware operation rebooted as "Ransom Cartel"? Security experts say the new group has technical and other crossovers with REvil. But whether the new group is a spinoff of REvil, bought the tools, or is simply copying how they work, remains unclear.
U.S. President Joe Biden today signed a National Security Memorandum that aims to improve the cybersecurity of national security systems. The memo gives new powers to the NSA to oversee cybersecurity improvements such as the use of the multifactor authentication, encryption and endpoint detection services.
GAO auditors say in a new report that the federal government's response to both the SolarWinds software supply chain attack and the exploitation of Microsoft Exchange Servers in 2021 sharpened its coordination efforts, but also exposed information-sharing gaps.
Russian authorities have arrested 14 individuals suspected of being part of the notorious REvil, aka Sodinokibi, ransomware operation. Russia's Federal Security Agency, the FSB, said it used intelligence provided by the U.S. to help identify the suspects.