News

Aerial view of the United States as a nationwide grid.

Executive order boots “foreign adversaries” from US electric grid over security concerns

White House action implies that China is "creating and exploiting" vulnerabilities in the US power grid. Experts say hardware backdoors have the potential for doing significant damage.

a clock half-submerged in water

Cloud configuration drift leaves organizations open to attack, research finds

Undocumented cloud configuration changes, whether done by attackers or for legitimate business reasons, present a significant security threat.

intro security vulnerability

Cisco and Palo Alto Networks appliances impacted by Kerberos authentication bypass

The shared vulnerability could enable man-in-the-middle attacks, and it could exist on other devices. Patch now.

COVID-19 contact tracing app

4 critical issues surrounding contact-tracing apps

As countries rush to release contact-tracing apps, experts fear a lack of security and privacy controls.

Microsoft  >  RDP | Remote Desktop Protocol vulnerabilities  >  caution / danger / admin login

Attacks against internet-exposed RDP servers surging during COVID-19 pandemic

Two new reports show a dramatic increase in cyber attacks that target open RDP ports as more people work remotely.

water infrastructure / wastewater treatment facility / sewage treatment plant

Attempted cyberattack highlights vulnerability of global water infrastructure

Water utilities often have few cybersecurity resources and are subject to few regulations. A failed Stuxnet-like attack on Israel's water supply shows how dangerous that could be.

A roll of hundred dollar bills sits atop a silhouette of virus morphology.

Salesforce unveils tools for a post-pandemic return to the office

Work.com contains apps and information resources to support organizations as business looks to resume operations in many countries.

Blazing, fiery cloud raining binary code.

Cloud servers hacked via critical SaltStack vulnerabilities

Attackers were quick to exploit recently announced vulnerabilities to deploy cryptominers. Patch Salt now.

coronavirus covid 19 pandemic disease binary map world 5060518 by mintblack4u pixabay cc0 2400x1600

COVID-19 attack campaigns target hardest hit regions, research shows

Attackers shift their focus to where coronavirus infections are rising and use tactics that make their efforts hard to block.

young man on video conference coronavirus remote communication telecommuting by gcshutter getty ima

Update: Coronavirus prompts collaboration tool makers to offer wares for free

Several vendors, including Microsoft, Google, Slack, Zoom, Cisco and LogMeIn, are making chat, videoconferencing and other collaboration services free as demand for remote working booms.

Android mobile phone code

Android security: Patching improves, but fragmentation challenges remain

A new report shows that Android mobile device manufacturers are getting better at patching the OS, but patching levels vary across models and vendors.

health doc connect care telemedicine

Telehealth booms amid COVID-19 crisis; virtual care is here to stay

The coronavirus pandemic that has erupted worldwide has pushed telehealth to the forefront. It's unlikely remote medicine will go away, even after the current crisis abates.

Election security  >  Backlit hand drops a vote in a ballot box with US flag + binary code overlay

No election security funding in latest round of stimulus funding

Doubts raised about funding for 2020 election security and mail-in voting as money omitted from the latest stimulus bill.

podcast image template

Podcast: Is end-to-end encryption for videoconferencing important?

More people are relying on videoconferencing software to do their jobs and chat with friends and family. This uptick in use highlighted some security concerns like “Zoombombing” and the lack of end-to-end encryption in popular...

protective shield / binary code / COVID-19 coronavirus morphology

Legions of cybersecurity volunteers rally to protect hospitals during COVID-19 crisis

The COVID-19 Cyber Threat Intelligence League and other groups cooperate with the industry, law enforcement, and the government to prevent attacks on healthcare providers.

A United States postage stamp displayed against a background of red, white and blue question marks.

Mail-in ballots during COVID crisis necessary, but with risk says expert

Noted election security researcher Harri Hursti says mail-in voting is likely the only option for a safe, secure US presidential election, but voter and election worker training needed.

Zero-trust

Google enters zero-trust market with BeyondCorp Remote Access offering

Google makes its internal zero-trust access infrastructure available to anyone on a subscription basis as an alternative to VPNs.

Cryptojacking  >  Binary skull, code and bitcoin symbols invade systems as malware

RubyGems typosquatting attack hits Ruby developers with trojanized packages

Attacker targeted Windows systems to hijack cryptocurrency transactions, and was able to evade anti-typosquatting measures.

Scanning for vulnerabilities.

New platform AttackerKB gives defenders more context on vulnerabilities

Real-world input from pen testers and other members of the security community aims to help defenders make better assessments of vulnerability risks.

smart city - wireless mobile network

Trump administration moves to revoke China Telecom's US licenses on security grounds

A legal filing claims China Telecom is in violation of federal and state cybersecurity and privacy laws, but evidence is redacted.

Load More