News

New US CISO appointments, May 2021

Keep up with news of CSO, CISO and other senior security executive appointments.

How the post-pandemic world will challenge CISOs

More permanent remote workers, requirements for protecting health data, and a more dangerous threat landscape await security teams as the COVID crisis ends.

SolarWinds, Exchange attacks revive calls for mandatory breach notification, better information sharing

Strong two-way communication between government and the private sector combined with a clear national breach notification policy will put a dent in cybercrime, experts say.

‘FragAttack’ flaws threaten Wi-Fi, but not too seriously

A set of vulnerabilities in Wi-Fi’s basic design offers a long-standing and widespread threat vector, but the probability of compromise remains low.

President Joe Biden delivers remarks about the Colonial Pipeline hack. [Washington / 2021.05.13]

Biden administration releases ambitious cybersecurity executive order

Though lacking in definitional clarity, this new executive order might be more effective than past federal efforts, especially in the wake of the Colonial Pipeline attack.

SSO explained: How single sign-on improves security and the user experience

Single sign-on (SSO) is a centralized session and user authentication service in which one set of login credentials can be used to access multiple applications.

Colonial Pipeline shutdown highlights need for better OT cybersecurity practices

Experts weigh in on what the Colonial attack teaches critical infrastructure providers about preparation and incident response.

Previously undocumented backdoor targets Microsoft’s Equation Editor

A RoyalRoad backdoor delivered via spear phishing was identified in an attack on a Russia-based defense contractor.

Task force proposes framework for combatting ransomware

A diverse coalition of experts from business and the public sector presents 48 recommendations for solving the ransomware crisis, including international cooperation and regulating cryptocurrencies.

CISA issues guidance on defending against software supply chain attacks

The government makes recommendations for both organizations and software vendors to minimize the risk of software compromised by a criminal or foreign adversary.

Buying cyber insurance in 2021? Expect greater scrutiny, higher premiums

Increased frequency of cyberattacks and growing associated costs could mean higher premiums, tighter risk assessments, and changes in coverage this year.

Biden administration releases 100-day plan to address electric system cybersecurity risks

The plan focuses largely on supply chain risks to the electric grid and requests input on the DOE's role in coordinating cybersecurity efforts.

Spy groups hack into companies using zero-day flaw in Pulse Secure VPN

Known and unknown groups are using VPN vulnerabilities to circumvent authentication and establish backdoors.

FBI cleans web shells from hacked Exchange servers in rare active defense move

The FBI has been deleting backdoors placed by cyberespionage group Hafnium on Microsoft Exchange servers. The court order allowing them to do so signals a more active defense approach.

US sanctions Russian government, security firms for SolarWinds breach, election interference

The Biden administration places economic sanctions on Russian government organizations, individuals, and companies including several security firms.

Experts fear that Biden’s cybersecurity executive order will repeat mistakes of the past

President Biden is expected to issue an executive order soon in response to the SolarWinds and Exchange Server attacks. Leaked details suggest it might not focus on the most effective actions.