Blog - Cyber Security Informer

Italy announced its National Cybersecurity Strategy 2022/26

Security Affairs

MAY 26, 2022

Italy announced its National Cybersecurity Strategy for 2022/26, a crucial document to address cyber threats and increase the resilience of the country. Preventing online disinformation in a broader context of the hybrid threat; Management of cyber crises; National and European strategic digital sector autonomy.

Cybersecurity

Cybersecurity Cyber threats Technology Government

FISMA Compliance: A Complete Guide to Navigating Low, Moderate, and High Levels

Centraleyes

APRIL 22, 2024

The Federal Information Security Modernization Act (FISMA) establishes a comprehensive strategy for enhancing the cybersecurity posture of federal agencies. Department of Commerce responsible for developing and promoting standards and guidelines to enhance the security and interoperability of information systems.

Risk

Risk Information Security Encryption Cybersecurity

SHARED INTEL: How Russia’s war mongering compromises those holding security clearances

The Last Watchdog

APRIL 19, 2022

While global commerce is an important aspect of the world economy, individuals who hold national security clearances need to be aware that some of the activities they engage in could pose a security risk and may negatively impact their security clearances. national security secrets. national interests.

Risk

Risk Government

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks

Security Affairs

MAY 28, 2022

The experts were able to locate the C2 infrastructure used by the nation-state actors. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. defective88.maizuko.**

DDOS

DDOS Malware Phishing Hacking

DoD Adds Two More (ISC)² Certifications to Requirements for Cybersecurity Staff

CyberSecurity Insiders

JUNE 30, 2021

This means that the entire roster of (ISC)² certifications are now required for different security workforce categories within the Department, depending on the functional area the role covers. The HCISPP has been approved for the following categories: Information Assurance Manager Level 1 (IAM 1).

Cybersecurity

Cybersecurity Healthcare Engineering Government

Nation-state malware could become a commodity on dark web soon, Interpol warns

Security Affairs

MAY 24, 2022

Interpol Secretary warns that nation-state malware will become available on the cybercrime underground in a couple of years. Interpol Secretary General Jurgen Stock declared that nation-state malwre will become available on the darknet in a couple of years. SecurityAffairs – hacking, nation-state malware). Pierluigi Paganini.

Malware

Malware Cybercrime Government Engineering

Experts warn of ransomware attacks against government organizations of small states

Security Affairs

MAY 31, 2022

Small states are easy targets due to the low level of security of their critical infrastructure due to the low budget to protect them. Regardless, the global cybersecurity fraternity and policymakers must closely monitor ransomware gangs mobilizing their resources to strike at these nation’s foundations.” Pierluigi Paganini.

Government

Government Ransomware Cybercrime Banking

Security Affairs newsletter Round 367 by Pierluigi Paganini

Security Affairs

MAY 29, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. To nominate, please visit:?. Pierluigi Paganini.

InfoSec

InfoSec Spyware DDOS Firewall

How Machine Learning Can Accelerate and Improve the Accuracy of Sensitive Data Classification

Thales Cloud Protection & Licensing

DECEMBER 11, 2023

This blog will explain how Thales is enhancing CipherTrust Data Discovery and Classification (DDC) with ML models that help analyze data, learn from insights, and improve results. CipherTrust DDC uses a ML model for category classification to identify with high probability whether a document is healthcare, finance, legal or HR related.

Unstructured Data

Unstructured Data Data privacy Healthcare Banking

Security Affairs newsletter Round 369 by Pierluigi Paganini

Security Affairs

JUNE 12, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. To nominate, please visit:?. Pierluigi Paganini.

Ransomware

Ransomware DNS Cybercrime Hacking

Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability

Security Affairs

JUNE 13, 2022

Nation-state actors are targeting media organizations in Ukraine, including radio stations, and newspapers. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Media

Media Government Hacking Cybersecurity

Pro-Russian hacker group KillNet plans to attack Italy on May 30

Security Affairs

MAY 29, 2022

” The Italian CSIRT has published an alert to warn of potential risk of cyber attacks against national bodies and organizations has been identified. Stay tuned … Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. To nominate, please visit:?.

Banking

Banking Cyber Attacks Media Hacking

Russia-linked Turla APT targets Austria, Estonia, and NATO platform

Security Affairs

MAY 23, 2022

The Turla APT group (aka Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ) has been active since at least 2004 targeting diplomatic and government organizations and private businesses in the Middle East, Asia, Europe, North and South America, and former Soviet bloc nations. org jadlactnato.webredirect[.]org. Pierluigi Paganini.

Government

Government Hacking Cybersecurity Information Security

Internationa police operation led to the arrest of the SilverTerrier gang leader

Security Affairs

MAY 25, 2022

The persistence of national law enforcement agencies, private sector partners and the INTERPOL teams all contributed to this result, analysing vast quantities of data and providing technical and live operational support,” Mr Pillot added. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Cybercrime

Cybercrime Healthcare Cybersecurity Phishing

Three Nigerian men arrested in INTERPOL Operation Killer Bee

Security Affairs

MAY 30, 2022

The operation Killer Bee involved INTERPOL’s General Secretariat headquarters and National Central Bureaus (NCBs) and law enforcement agencies from 11 countries across Southeast Asia. . Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. To nominate, please visit:?.

Cybercrime

Cybercrime Malware Hacking Cybersecurity

Another nation-state actor exploits Microsoft Follina to attack European and US entities

Security Affairs

JUNE 6, 2022

A nation-state actor is attempting to exploit the Follina flaw in a recent wave of attacks against government entities in Europe and the U.S. An alleged nation-state actor is attempting to exploit the recently disclosed Microsoft Office Follina vulnerability in attacks aimed at government entities in Europe and the U.S.

Phishing

Phishing Government Cybersecurity Hacking

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Security Affairs

JUNE 6, 2022

This activity was uncovered by Microsoft’s Threat Intelligence Center (MSTIC), which tracks the world’s nation-state and cybercrime actors so we can better protect our customers. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Pierluigi Paganini.

Phishing

Phishing Manufacturing Education Cybercrime

Russia-linked Fronton botnet could run disinformation campaigns

Security Affairs

MAY 23, 2022

” reads the analysis published by the security firm NISOS. The botnet was developed to interact with multiple social media platforms, including Blog Sites, Media Sites, Forums (various engines), Sites (various engines). The man claimed he was a member of a group that is directed linked to the notorious nation-state actor APT28.

DDOS

DDOS Media Hacking Engineering

GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers

The Last Watchdog

AUGUST 29, 2022

Password security may seem like a simple solution for a huge problem, but it may be difficult to successfully implement in practice. Without strong, secure passwords or two-factor authentication ( 2FA ) enabled in an organization or startup, it becomes easy for attackers to access stolen credentials on their web and email servers.

Hacking

Hacking Passwords Password Management Data breaches

Let’s give a look at the Dark Web Price Index 2022

Security Affairs

JUNE 15, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Identity Theft

Identity Theft Accountability DDOS Cybercrime

The Art of (Cyber) War

Approachable Cyber Threats

AUGUST 10, 2022

Category Awareness, Case Study, Vulnerability. In the modern age, nation states are expanding the battlefield with targeted cyber attacks on their adversaries. Nation states have always sought advantages to increase their geopolitical power and secure their interests both domestically and abroad. Risk Level.

DDOS

DDOS Cyber Attacks Government Hacking

Red TIM Research discovers a Command Injection with a 9,8 score on Resi

Security Affairs

JUNE 6, 2022

Is one of the few Italian companies, that creates national technology. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. RESI S.p.A. Plus RESI S.p.A.

Software

Software Architecture Technology Engineering

DOD ADDS TWO MORE (ISC)² CERTIFICATIONS TO REQUIREMENTS FOR CYBERSECURITY STAFF

CyberSecurity Insiders

JULY 2, 2021

This means that the entire roster of (ISC)² certifications are now required for different security workforce categories within the Department, depending on the functional area the role covers. The HCISPP has been approved for the following categories: Information Assurance Manager Level 1 (IAM 1).

Cybersecurity

Cybersecurity Healthcare Engineering Government

New White House Announcement on the Vulnerability Equities Process

Schneier on Security

NOVEMBER 17, 2017

You can read the new policy or the fact sheet , but the best place to start is Cybersecurity Coordinator Rob Joyce's blog post. We also clarify what categories of vulnerabilities are submitted to the process and ensure that any decision not to disclose a vulnerability will be reevaluated regularly. Improved transparency is critical.

Government

Government Cybersecurity Accountability Software

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

The nation-state actors exploit publicly known vulnerabilities to compromise the target infrastructure. . Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Telecommunications

Telecommunications Authentication Passwords Accountability

NIS2 Framework: Your Key To Achieving Cybersecurity Excellence

Centraleyes

JANUARY 21, 2024

As a global trailblazer in information security and data protection regulation, the EU continues to lead the way in comprehensive cybersecurity standards. National Implementation Deadline: Member states are mandated to incorporate the provisions of the NIS2 directive into their national laws by October 17, 2024.

Cybersecurity

Cybersecurity Energy and Utilities Cyber threats Risk

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Security Affairs

JUNE 17, 2022

The latest samples of this spyware were detected by the researchers in April 2022, four months after a series of nation-wide protests against government policies that were violently suppressed. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Pierluigi Paganini.

Spyware

Spyware Surveillance Telecommunications Mobile

Cybersecurity Report: June 29, 2015

SiteLock

AUGUST 27, 2021

LOT, the Polish national airline, announced on Sunday that it cancelled 10 flights due to the cyber attack towards its ground computer systems at Warsaw’s Okecie airport. The annual talk was around topics including cyber security, maritime security, military relations, missile defence, nuclear policy and space security.

Cybersecurity

Cybersecurity Surveillance Government Consumer Protection

Unmasking the Cracks of Today’s Cyber Defence

Jane Frankland

OCTOBER 31, 2023

However, new research from e2e-assure has revealed that few organisations are taking full advantage of security technologies available today. As the attack surface continues to grow and attackers adapt their methods using new AI tools like Generative AI, a new category of hybrid threats has emerged.

CISO

CISO Threat Detection Cyber threats Cybercrime

Cybersecurity and Data Protection lessons from a look back at 2021

BH Consulting

JANUARY 11, 2022

In that spirit, we’ve rounded up five of our most popular blogs from the past year. From ransomware and scams to security frameworks and employee privacy, our 2021 ‘greatest hits’ show how broad the areas of cybersecurity and data protection can be. Under the GDPR, fingerprints fall under the category of biometric data.

Cybersecurity

Cybersecurity Insurance Scams Cyber Risk

Magnificent Seven: Celebrating Great Women in Cybersecurity and Data Protection

BH Consulting

MARCH 8, 2024

The situation is improving, and the proof is that we don’t have to look hard to find those doing outstanding work in security and data protection. Government’s cybersecurity and infrastructure security agency (CISA) and is the first woman to hold the role. And the percentage is even lower when it comes to senior leadership roles.

Cybersecurity

Cybersecurity Social Engineering Healthcare Data privacy

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

JUNE 4, 2019

In addition, the state is home to 16 nationally designated cybersecurity Centers of Excellence and a state university and college system that graduates more cyber-degreed engineers than any other state. The state counts approximately 109,000 cyber engineers.

Cybersecurity

Cybersecurity Computers and Electronics Technology Marketing

Understanding the Key Updates in NIST Cybersecurity Framework 2.0

Centraleyes

MARCH 18, 2024

When the guys at the National Institute of Standards and Technology (NIST) released the inaugural Cybersecurity Framework in February 2014, it did not include a batch of questions that were almost certainly on their minds but not in the framework. This function covers the following outcomes: platform security (i.e., compliance.

Cybersecurity

Cybersecurity Government Risk Technology

Why BYOD Is the Favored Ransomware Backdoor

eSecurity Planet

JANUARY 11, 2024

Ransomware remains just one of many different threats and as security teams eliminate key vectors of attack, adversaries will shift tactics. Unmanaged devices consist of any device that connects to the network, cloud resources, or other assets without corporate-controlled security. What Are Unmanaged Devices?

Ransomware

Ransomware Encryption IoT VPN

Nine Top of Mind Issues for CISOs Going Into 2023

Cisco Security

JANUARY 10, 2023

Using this information, last year I wrote a blog summing up the nine top of mind issues I believed will most impact CISOs as we headed into 2022. For more practical advice on this topic, I also wrote a blog on some of the challenges and opportunities within the cyber liability insurance market back in June which you can read here.

CISO

CISO Insurance Cyber Insurance Phishing

How Do You Quantify Risk? Best Techniques

Centraleyes

FEBRUARY 13, 2024

This blog aims to serve as a guide to navigating the intricate terrain of cyber risk quantification, providing insights into its significance, methodologies, and the transformative impact it can have on organizational cybersecurity strategies. Remember that third-party security breaches affect your bottom line.

Risk

Risk Cyber Risk Cybersecurity Penetration Testing

Introduction to the NIST AI Risk Management Framework (AI RMF)

Centraleyes

JANUARY 24, 2024

Secure and Resilient Ensuring the security and resilience of AI systems and their ecosystems is paramount. Security goes beyond resilience, encompassing protection against unauthorized access and use. Common security concerns include adversarial examples, data poisoning, and intellectual property exfiltration.

Risk

Risk Artificial Intelligence Government Accountability

HIPAA Compliance for Healthcare Apps

Security Boulevard

NOVEMBER 2, 2021

According to the Office of the National Health Coordinator for Health Information Technology (ONC) , 1 in 8 Americans tracked a health metric using some form of technology in 2013. As healthcare providers increased their use of technology during the COVID pandemic, securing health applications is more important than ever.

Healthcare

Healthcare Insurance Technology Software

How Diversity and Inclusion Initiatives Can Reduce Cyber Risk

Centraleyes

NOVEMBER 26, 2023

In the aftermath of the national reckoning on racial justice ignited by the tragic events involving George Floyd, it became evident that despite good intentions, the cybersecurity sector had not tackled the field’s predominantly white and male composition.

Cyber Risk

Cyber Risk Risk Cybersecurity Cyber threats

Italian National Cybersecurity Perimeter: With great power comes great responsibility!

Privacy and Cybersecurity Law

JUNE 23, 2021

The newly adopted Regulation on notification of security incidents. Classification of security incidents and notifications. Starting from January 1, 2022 [2] , the Operators included in the NCSP will be required to notify incidents to the Inter-ministerial Committee for the Security of the Republic (“ CSIRT ”).

Cybersecurity

Cybersecurity Architecture Data breaches Technology

Exploring the Relationship between Company Culture and Insider Threats

CyberSecurity Insiders

OCTOBER 1, 2021

Security teams are trained to take decisive action when an attacker is detected. September is National Insider Threat Awareness Month, a month created by several US government agencies to bring awareness to the dangers of insider threats in both the public and private sector. Company Culture and Insider Threats are Related.

Technology

Technology Phishing Risk Cybersecurity

The Cybersecurity Executive Order: the first 120 days

Security Boulevard

SEPTEMBER 13, 2021

On June 2 and 3, 2021, the National Institute of Standard and Technology (NIST) held a workshop where it consulted with federal agencies, the private sector, academics, and other stakeholders to start working on a definition of Critical Software. Security Measures for EO-critical software use. Security training.

Cybersecurity

Cybersecurity Software Technology Risk

Cybersecurity in 2022, Predictions for digital ecosystem facing more challenges and sophisticated threats

CyberSecurity Insiders

DECEMBER 7, 2021

This blog was written by an independent guest blogger. I have divided my 2022 predictions into two categories. In recent years, hackers and nation state adversaries have gained a deeper knowledge of industrial control systems and how they can be attacked and how weaponized malware can be deployed. Strategic, and Tactical.

Cybersecurity

Cybersecurity IoT Artificial Intelligence Cyber threats

Mastering the German Federal Data Protection Act (BDSG-New): A Deep Dive

Centraleyes

DECEMBER 4, 2023

This blog post will dive into these questions, providing all the essential details. History of data privacy in Germany Germany’s journey in data protection dates back to post-World War II, with Hesse passing the world’s first national data protection law.

Data privacy

Data privacy Risk Telecommunications Big data

Italy announced its National Cybersecurity Strategy 2022/26

FISMA Compliance: A Complete Guide to Navigating Low, Moderate, and High Levels

Trending Sources

SHARED INTEL: How Russia’s war mongering compromises those holding security clearances

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks

DoD Adds Two More (ISC)² Certifications to Requirements for Cybersecurity Staff

Nation-state malware could become a commodity on dark web soon, Interpol warns

Experts warn of ransomware attacks against government organizations of small states

Security Affairs newsletter Round 367 by Pierluigi Paganini

How Machine Learning Can Accelerate and Improve the Accuracy of Sensitive Data Classification

Security Affairs newsletter Round 369 by Pierluigi Paganini

Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability

Pro-Russian hacker group KillNet plans to attack Italy on May 30

Russia-linked Turla APT targets Austria, Estonia, and NATO platform

Internationa police operation led to the arrest of the SilverTerrier gang leader

Three Nigerian men arrested in INTERPOL Operation Killer Bee

Another nation-state actor exploits Microsoft Follina to attack European and US entities

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Russia-linked Fronton botnet could run disinformation campaigns

GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers

Let’s give a look at the Dark Web Price Index 2022

The Art of (Cyber) War

Red TIM Research discovers a Command Injection with a 9,8 score on Resi

DOD ADDS TWO MORE (ISC)² CERTIFICATIONS TO REQUIREMENTS FOR CYBERSECURITY STAFF

New White House Announcement on the Vulnerability Equities Process

China-linked threat actors have breached telcos and network service providers

NIS2 Framework: Your Key To Achieving Cybersecurity Excellence

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Cybersecurity Report: June 29, 2015

Unmasking the Cracks of Today’s Cyber Defence

Cybersecurity and Data Protection lessons from a look back at 2021

Magnificent Seven: Celebrating Great Women in Cybersecurity and Data Protection

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

Understanding the Key Updates in NIST Cybersecurity Framework 2.0

Why BYOD Is the Favored Ransomware Backdoor

Nine Top of Mind Issues for CISOs Going Into 2023

How Do You Quantify Risk? Best Techniques

Introduction to the NIST AI Risk Management Framework (AI RMF)

HIPAA Compliance for Healthcare Apps

How Diversity and Inclusion Initiatives Can Reduce Cyber Risk

Italian National Cybersecurity Perimeter: With great power comes great responsibility!

Exploring the Relationship between Company Culture and Insider Threats

The Cybersecurity Executive Order: the first 120 days

Cybersecurity in 2022, Predictions for digital ecosystem facing more challenges and sophisticated threats

Mastering the German Federal Data Protection Act (BDSG-New): A Deep Dive

Stay Connected