UNITED STATES

Welcome! Here are the latest Insider stories.

More Insider Sign Out

News Analyses

A COVID-19 coronavirus cell impacts the statistical curve of a bar chart.

How the post-pandemic world will challenge CISOs

More permanent remote workers, requirements for protecting health data, and a more dangerous threat landscape await security teams as the COVID crisis ends.

succession brain sharing intellectual knowledge sharing

SolarWinds, Exchange attacks revive calls for mandatory breach notification, better information sharing

Strong two-way communication between government and the private sector combined with a clear national breach notification policy will put a dent in cybercrime, experts say.

‘FragAttack’ flaws threaten Wi-Fi, but not too seriously

A set of vulnerabilities in Wi-Fi’s basic design offers a long-standing and widespread threat vector, but the probability of compromise remains low.

President Joe Biden delivers remarks about the Colonial Pipeline hack. [Washington / 2021.05.13]

Biden administration releases ambitious cybersecurity executive order

Though lacking in definitional clarity, this new executive order might be more effective than past federal efforts, especially in the wake of the Colonial Pipeline attack.

video

What the Colonial Pipeline ransomware attack suggests about critical infrastructure security

The largest fuel pipeline in the United States, Colonial Pipeline, halted operations because of a ransomware attack. The attack was carried out by the cybercriminal group DarkSide. Much of the pipeline remains offline, although the...

Colonial Pipeline shutdown highlights need for better OT cybersecurity practices

Experts weigh in on what the Colonial attack teaches critical infrastructure providers about preparation and incident response.

backdoor / abstract security circuits, locks and data blocks

Previously undocumented backdoor targets Microsoft’s Equation Editor

RoyalRoad backdoor delivered via spear phishing was identified in an attack on a Russian-based defense contractor.

Task force proposes framework for combatting ransomware

A diverse coalition of experts from business and the public sector present 48 recommendations for solving the ransomware crisis, including international cooperation and regulating cryptocurrencies.

CISA issues guidance on defending against software supply chain attacks

The government makes recommendations for both organizations and software vendors to minimize the risk of software compromised by a criminal or foreign adversary.

Buying cyber insurance in 2021? Expect greater scrutiny, higher premiums

Increased frequency of cyberattacks and growing associated costs could mean higher premiums, tighter risk assessments, and changes in coverage this year.

video

Creating a multicloud security architecture: IDG's CIO Think Tank

IDG convened 30 senior IT executives as part of our CIO Think Tank Program to explore key opportunities and challenges with multicloud – including security issues IT leaders face in building a true multicloud architecture. Join us as...

power plant utilities energy innovation industrial iot american public power association unsplash

Biden administration releases 100-day plan to address electric system cybersecurity risks

The plan focuses largely on supply chain risks to the electric grid, requests input on the DOE's role in coordinating cybersecurity efforts.

Spy groups hack into companies using zero-day flaw in Pulse Secure VPN

Known and unknown groups are using VPN vulnerabilities to circumvent authentication and establish backdoors.

FBI cleans web shells from hacked Exchange servers in rare active defense move

The FBI has been deleting backdoors placed by cyberespionage group Hafnium on Microsoft Exchange servers. The court order allowing them to do so signals a more active defense approach.

US sanctions Russian government, security firms for SolarWinds breach, election interference

The Biden administration places economic sanctions on Russian government organizations, individuals, and companies including several security firms.

Unitd States cybersecurity > U.S. flag with a digital network of locks instead of stars

Experts fear that Biden’s cybersecurity executive order will repeat mistakes of the past

President Biden is expected to issue an executive order soon in response to the SolarWinds and Exchange Server attacks. Leaked details suggest it might not focus on the most effective actions.

hacker linkedin scam romance scam on social media phishing heart

Top cybercrime gangs use targeted fake job offers to deploy stealthy backdoor

The Golden Chickens cybercriminal gang is believed to sell its more_eggs backdoor for spear phishing campaigns executed using information gleaned from victims' LinkedIn profiles.

backdoor / abstract security circuits, locks and data blocks

PHP backdoor attempt shows need for better code authenticity verification

Attackers were able to place malicious code in the PHP central code repository by impersonating key developers, forcing changes to the PHP Group's infrastructure.

Load More

Popular Resources

eBook
Sponsored

11 Monitoring Platform Capabilities for Enterprise DevOps Teams
eBook
Sponsored

5 Essential Elements of an Agile CMS
White Paper

Don't Take Cloud Security For Granted
eBook
Sponsored

Expert Clarity on DevOps Chaos
eBook
Sponsored

Key skills for corporate growth

See All

Most Popular

BrandPosts

Learn more

Sponsored by Fortinet

Driving Digital Innovations and High Performance On and Off the Race Track
Sponsored by Sophos

Changing the Narrative Around Attack Victim Shaming
Sponsored by ExtraHop

The Importance of Network Data in Cloud Workload Security