Security Newswire

As CISA kicks off Critical Infrastructure Security and Resilience Month, the agency is offering advice to critical infrastructure organizations on how to remain resilient.

Listen to Will Knehr, Senior Manager of Information Assurance and Data Privacy i-PRO Americas, explain how to effectively apply a zero trust mindset in the workplace.

Recent research shows that bots could disrupt Black Friday gaming sales.

Research reveals more than 6,000 domain registrations in the past 90 days, targeting the retail industry.

Research has unveiled a tool responsible for many recent GitHub phishing attacks.

Cybersecurity researchers have discovered a malicious Python package. 

Microsoft observed malicious activity targeting and stealing credentials from Microsoft customers. 

Google announced mandatory multi-factor authentication (MFA) is coming to Google Cloud accounts. Security leaders discuss the implications. 

The CISA Director, Jen Easterly, released a statement following the 2024 elections. 

A new report reveals that malicious actors are exploiting APIs in DocuSign to send fake invoices. 

Panelists at the “What Keeps Security Leaders Up at Night” panel will discuss what difficult security questions many leaders grapple with. 

The City of Columbus, Ohio, has notified 500,000 individuals that a ransomware attack in July 2024 stole their personal information.

Security leaders will discuss how geopolitical issues can create security incidents in an upcoming SECURITY 500 panel. 

At an upcoming 2024 SECURITY 500 Conference panel, security leaders will discuss the risks associated with third-party relationships and offer strategies for managing them.

A global operation called EMERALDWHALE has resulted in the theft of more than 15,000 cloud service credentials.

Linda Reid, Vice President of Security Operations at The Walt Disney World Resort, will deliver the keynote address at the SECURITY 500 Conference in Washington, D.C. this November.

Two-thirds (67%) of third-party energy sector breaches were caused by software and IT vendors. 

A report by Secureworks revealed a 30% year-over-year rise in active ransomware groups, which demonstrates fragmentation of an established criminal ecosystem.

Security leaders discuss the recent Cisco security incident. 

TLC Engineering Solutions with HOK was awarded SecuritySpecifiers’ 2024 Elliot A. Boxerbaum Award for excellence in security design.

Nearly all CISOs (99%) are worried about losing their positions if a breach occurs, with 77% of CISOs being very or extremely concerned.

In this episode of The Security Podcasts we sit down with Mark Landry, National Accounts Director at AMAROK, to discuss navigating multi-site risk assessment effectively.

According to a recent report, 53% of European organizations are confident employees are not properly utilizing generative AI.

67% of organizations are concerned that employees lack fundamental security awareness. 

A new macOS vulnerability could allow a malicious actor to evade an operating system’s Transparency, Consent, and Control (TCC) technology. 

The SEC has charged four public companies with misleading disclosures about cyber risks and intrusions.

In episode 25 of the Cybersecurity & Geopolitical Discussion, our trio of hosts pull apart the rapidly deteriorating situation in the Middle East.

A survey shows that nearly half (49%) of CISOs do not believe there is a future for them in this role. CISOs are sharing their insights on this statistic. 

Iranian cyber actors are targeting critical infrastructure entities via brute force.

Researchers at the University of Texas at Austin discovered a new attack method.