Cyber threats, Government and InfoSec - Cyber Security Informer

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

The Last Watchdog

MAY 30, 2022

leaving organizations vulnerable to cyber threats. Related: Deploying employees as threat sensors. Fundamentally, cybersecurity professionals identify weaknesses and design systems and processes to protect any organization — government agencies, private companies — from cyberattacks. And it works.

Cybersecurity

Cybersecurity InfoSec Education Government

State of Cybersecurity in Canada 2025: Key Insights for InfoSec Leaders

SecureWorld News

FEBRUARY 5, 2025

Key findings: the cyber threat landscape in 2025 1. Leverage cyber insurance to mitigate financial risks associated with supply chain attacks. Address the talent shortage with focused initiatives Expand government incentives for cybersecurity education and mid-career training. Joint Cyber Defense Collaborative (JCDC).

InfoSec

InfoSec Cybersecurity Energy and Utilities Education

New Leak Shows Business Side of China’s APT Menace

Krebs on Security

FEBRUARY 22, 2024

Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign espionage campaigns to the nation’s burgeoning and highly competitive cybersecurity industry. A marketing slide deck promoting i-SOON’s Advanced Persistent Threat (APT) capabilities.

Government

Government Hacking Cyber threats Mobile

UN Breach Highlights Escalation of Cyber Threats

Security Boulevard

SEPTEMBER 9, 2021

The post UN Breach Highlights Escalation of Cyber Threats appeared first on Security Boulevard. The report claims that Russian-speaking cybercriminals sold access to the UN systems for months—from April through August of 2021.

Cyber threats

Cyber threats Authentication Passwords InfoSec

Are our infosec controls sufficient?

Notice Bored

JUNE 25, 2021

begging questions about which infosec-related matters are particularly important, and how they stack up in relation to other business priorities, issues, pressures etc. An example of this is the way customers typically probe into the information security, privacy and governance arrangements, the financial stability, capability etc.

InfoSec

InfoSec Risk Information Security Government

Secure Communications: Relevant or a Nice to Have?

Jane Frankland

FEBRUARY 7, 2025

Nation-states and geopolitical tensions are increasingly fuelling modern cyber threats. According to Microsoft’s Digital Dfense Report 2024 , 37% of the 600 million attacks they face daily can be attributed to nation-state threat actors. For industries tied directly to national security, the stakes rise even higher.

Cyber Risk

Cyber Risk CISO Risk Encryption

Why Governments Worldwide Recommend Protective DNS

Security Boulevard

AUGUST 7, 2024

HYAS Protect protective DNS uses advanced data analytics to proactively block cyber threats, a feature unavailable in legacy systems relying on static DNS filtering. Protective DNS Is Trusted by Governments Worldwide Protective DNS is one of the most effective strategies in modern cybersecurity. What Is HYAS Protect?

DNS

DNS Government Cyber threats IoT

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Security Boulevard

FEBRUARY 14, 2025

government is urging software makers to adopt secure application-development practices that help prevent buffer overflow attacks. Cybersecurity News) How to mitigate buffer overflow vulnerabilities (Infosec Institute) How to prevent buffer overflow attacks (TechTarget) VIDEOS What is a Buffer Overflow Attack? This week, the U.S.

Banking

Banking Cybercrime Cybersecurity Ransomware

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

Related: Long run damage of 35-day government shutdown. Why we’re in the ‘Golden Age’ of cyber espionageThe fact is cyber criminals are expert at refining and carrying out phishing, malvertising and other tried-and-true ruses that gain them access to a targeted victim’s Internet-connected computing device.

Passwords

Passwords Password Management Antivirus Internet

The Rise of Data Sovereignty and a Privacy Era

SecureWorld News

JUNE 24, 2024

D – Data characterization, governance, and remediation Characterization of data automatically (baseline and continuously) is vital for data protection and mitigation of business risk from operational and compliance perspectives. Detect and protect against cyber threats. is essential. Enforce data classification policies.

IoT

IoT InfoSec Artificial Intelligence Risk

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

SecureWorld News

DECEMBER 11, 2023

We covered the new rules on July 31, with some thoughts from InfoSec leaders. Public companies will also have to share details about their "cybersecurity risk management, strategy, and governance" on an annual basis. What should companies do to prepare?

CISO

CISO Risk CSO Government

Spotlight: When Ransomware Comes Calling

The Security Ledger

SEPTEMBER 30, 2021

Related Stories Spotlight: Is There A Cure For InfoSec’s Headcount Headache? Himes on Congress’s About-face on Cybersecurity Episode 226: The Cyber Consequences Of Our Throw Away Culture. Ransomware attacks have become a mainstay of the cyber threat landscape -and among the most dreaded forms of cyber crime.

Ransomware

Ransomware InfoSec Retail Cyber threats

DHS Launches Program to Hire 'World-Class Cybertalent'

SecureWorld News

NOVEMBER 15, 2021

One of the largest challenges the United States government faces when it comes to cybersecurity is hiring enough qualified professionals to effectively defend the nation from cyber threats. It was reported earlier this year that there were more than 1,500 vacant cybersecurity jobs in the federal government.

Government

Government Cybersecurity Cyber threats Information Security

Hack-for-Hire Campaign Targeting Climate Activists, Government Hypocrisy on Encryption

Security Boulevard

DECEMBER 15, 2024

Additionally, Scott discusses the massive Salt Typhoon hacking [] The post Hack-for-Hire Campaign Targeting Climate Activists, Government Hypocrisy on Encryption appeared first on Shared Security Podcast. The post Hack-for-Hire Campaign Targeting Climate Activists, Government Hypocrisy on Encryption appeared first on Security Boulevard.

Encryption

Encryption Government Hacking Risk

UK’s Secret Apple Backdoor Request, AI Chatbots Used For Stalking

Security Boulevard

FEBRUARY 16, 2025

In this episode, we discuss the UK governments demand for Apple to create a secret backdoor for accessing encrypted iCloud backups under the Investigatory Powers Act and its potential global implications on privacy.

Backups

Backups Encryption Government Technology

Global Cybersecurity Skills Gap Still Widening Despite Growing Workforce

SecureWorld News

NOVEMBER 7, 2023

Cyber threats pose one of the most significant risks to businesses, governments, and individuals today. Government and industry leaders have been aware of the growing cybersecurity skills crisis for years, yet it continues unabated.

Cybersecurity

Cybersecurity Artificial Intelligence Government Risk

2020 Hindsight – Top 10 Highlights from McAfee

McAfee

DECEMBER 4, 2020

At the RSA Conference in February, we launched our MDR platform and our first strategic partner to leverage our MVISION EDR solution to proactively detect cyber threats faced by customers and resolve security incidents faster. Government’s FedRAMP High JAB P-ATO Designation. Threat Actor Evolution During the Pandemic.

Cyber threats

Cyber threats InfoSec Big data Architecture

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

How exactly will artificial intelligence help bridge the infosec skills gap and what kinds of security work are still best left to humans? We came out of a DARPA research project called the Cyber Grand Challenge. But how exactly will artificial intelligence help bridge the information security skills gap?

InfoSec

InfoSec Artificial Intelligence Computers and Electronics Software

Thrive today with not just being smart but being cyber smart

CyberSecurity Insiders

SEPTEMBER 21, 2021

Awareness training should be incorporated across all organizations, not just limited to governance, threat detection, and incident response plans. This also needs to be part of a broader top-down effort starting with senior management. The campaign should involve more than serving up rules, separate from the broader business reality.

Threat Detection

Threat Detection InfoSec Wireless Firewall

AI and the Future of Work: What It Means for Cybersecurity and Beyond

SecureWorld News

MAY 7, 2025

Demand for AI governance, model validation, and security for AI systems is increasing. Currently, the cybersecurity industry is faced with a skills gap due to a shortage of professionals with the expertise needed to handle the ever-evolving cyber threat landscape. That doesn't mean the human cybersecurity workforce is obsolete.

Cybersecurity

Cybersecurity Artificial Intelligence Threat Detection Technology

Peer Report Explores Concerns, Challenges Facing Cybersecurity Leaders

SecureWorld News

AUGUST 23, 2023

Results of the study, conducted in partnership with research consultancy Censuswide, reveal that businesses are struggling to understand their cyber risks, with 66% of respondents indicating they have limited visibility and insight into their cyber risk profiles, hindering their ability to prioritize investments and allocate resources effectively.

Cybersecurity

Cybersecurity Cyber Risk Risk Cyber Insurance

From a tech explosion to accidental cyberattacks, researchers offer a glimpse into 2030

SC Magazine

MAY 17, 2021

Enter Project 2030, a collaboration between Oxford Visiting Researcher Victoria Baines and Trend Micro Vice President of Security Research Rik Ferguson, which uses a mixture of survey data and forward-thinking understanding of technology to predict the infosec concerns a decade from now.

Manufacturing

Manufacturing IoT Technology Artificial Intelligence

5 Essential Actions for Cybersecurity Leaders

SecureWorld News

JUNE 16, 2020

What is the CISA: Cyber Essentials Toolkit? And the Cyber Essentials Toolkit is a set of modules concentrating vital advice for IT and InfoSec into bit-sized pieces for employees and leaders to implement. Use risk assessments to identify and prioritize allocation of resources and cyber investment.".

Cybersecurity

Cybersecurity InfoSec Risk Cyber Risk

QuoLab Technologies Recognized for its Commitment to Enhancing Security Operations

CyberSecurity Insiders

MAY 28, 2021

.–( BUSINESS WIRE )– QuoLab Technologies , provider of a data-centric security operations platform (SOP), today announced that it has been named an industry winner in multiple categories as part of the 2021 Cybersecurity Excellence Awards and the 2021 Cyber Defense Magazine Global Infosec Awards.

Technology

Technology InfoSec Threat Detection Cyber threats

Following similar move in US, Europol prepares coup de gras for Emotet’s remains

SC Magazine

APRIL 23, 2021

“CISOs that are unaware of the existence of Emotet on their networks will likely not notice its removal,” said Austin Merritt, cyber threat intelligence analyst at Digital Shadows. The FBI web-shell takedown was immediately well-received by the infosec community as a whole.

Malware

Malware InfoSec CISO Cyber threats

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

The Security Ledger

MAY 16, 2024

In this Spotlight Podcast, host Paul Roberts talks with Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT) and how organizations that manage OT - including critical infrastructure owners can best manage increased cyber risks to OT environments. Read the whole entry. »

CSO

CSO Risk Energy and Utilities Social Engineering

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

How exactly will artificial intelligence help bridge the infosec skills gap and what kinds of security work are still best left to humans? We came out of a DARPA research project called the Cyber Grand Challenge. But how exactly will artificial intelligence help bridge the information security skills gap?

InfoSec

InfoSec Artificial Intelligence Computers and Electronics Software

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

ForAllSecure

OCTOBER 9, 2019

How exactly will artificial intelligence help bridge the infosec skills gap and what kinds of security work are still best left to humans? We came out of a DARPA research project called the Cyber Grand Challenge. But how exactly will artificial intelligence help bridge the information security skills gap?

InfoSec

InfoSec Artificial Intelligence Computers and Electronics Software

10 Best Integrated Risk Management Solutions

Centraleyes

JULY 25, 2024

In today’s digital age, cyber-related threats represent one of the most significant risks to organizations, necessitating a robust integrated risk management system that prioritizes cybersecurity. However, these advancements also introduce new digital risks, such as cyber threats, data breaches, and privacy concerns.

Risk

Risk Cyber Risk Cyber threats Government

Burnout: The Hidden Cost of Working in Cybersecurity & Other High Risk Fields

Jane Frankland

JUNE 20, 2023

In this blog, and ahead of my talk at Infosec this week , I’m delving into this, and giving you tips for recognising its signs and preventing it as a leader. This increases the likelihood of making mistakes, such as clicking on phishing links, sharing data in insecure ways, using weak passwords, or not spotting cyber threat patterns.

Cybersecurity

Cybersecurity Risk InfoSec CISO

Cities of the Future or Hacker’s Paradise? The Cybersecurity Risks of Smart Cities

Security Boulevard

JUNE 15, 2025

We discuss the inherent vulnerabilities that come with these advancements, including cybersecurity threats and real-life incidents such as hacked crosswalk signals featuring voices of tech moguls.

Risk

Risk Cybersecurity Technology Hacking

The 23andMe Collapse, Signal Gate Fallout

Security Boulevard

APRIL 6, 2025

Kevin joins the show to give his thoughts on the Signal Gate scandal involving top government officials, emphasizing the potential risks and lack of [] The post The 23andMe Collapse, Signal Gate Fallout appeared first on Shared Security Podcast. The post The 23andMe Collapse, Signal Gate Fallout appeared first on Security Boulevard.

Government

Government Risk Accountability Data privacy

Top 5 Cybersecurity and Computer Threats of 2017

NopSec

FEBRUARY 9, 2017

As we look forward into 2017 cyber attacks , information security teams have to think like hackers in order to stay ahead of the challenges to come. But there has yet to be technology developed to make humans infallible, and people will continue to be the biggest cybersecurity threat in 2017 and beyond. For a preview, read on.

Cybersecurity

Cybersecurity DDOS IoT Social Engineering

From Spreadsheets to Solutions: How PlexTrac Enhances Security Workflows

Security Boulevard

MARCH 23, 2025

In this special episode of the Shared Security Podcast, join Tom Eston and Dan DeCloss, CTO and founder of PlexTrac, as they discuss the challenges of data overload in vulnerability remediation. Discover how PlexTrac addresses these issues by integrating various data sources, providing customized risk scoring, and enhancing remediation workflows.

Risk

Risk Penetration Testing Social Engineering Data privacy

Verizon 2025 DBIR: Tenable Research Collaboration Shines a Spotlight on CVE Remediation Trends

Security Boulevard

APRIL 22, 2025

Background Since 2008, Verizons annual Data Breach Investigations Report (DBIR) has helped organizations understand evolving cyber threats. Despite this short patch window, we see that the government sector had a surprisingly high average remediation rate of 116 days.

Energy and Utilities

Energy and Utilities Authentication Data breaches VPN

Cyber CEO: A Look Back at Cybersecurity in 2021

Herjavec Group

DECEMBER 15, 2021

Needless to say, in 2021 cybersecurity was front and center for individuals, enterprises, and governments alike. Data breaches and cybersecurity threats were at an all-time high this past year. Every year as December winds down and the New Year approaches, I reflect and look back at the year I’m leaving behind.

Cybersecurity

Cybersecurity Digital transformation Ransomware Cyber Risk

Kids Online Safety Act (KOSA): Protecting Kids or Censorship?

Security Boulevard

JUNE 22, 2025

In this episode, we explore the Kids Online Safety Act (KOSA), a controversial bill aimed at protecting children online. Joined by co-host Scott Wright, we discuss the potential implications of KOSA, including concerns about censorship, mass surveillance, and the impact on free expression and online privacy.

Surveillance

Surveillance Media Internet Internet

Mark Zuckerberg’s Vision: AI Companions and the Loneliness Epidemic

Security Boulevard

MAY 18, 2025

In this episode, we explore Mark Zuckerbergs bold claim that AI friends will replace human friendships, and discuss the potential implications of a world where technology mediates our connections. We also update listeners on the recent developments in the 23andMe bankruptcy case and what it means for former customers.

Technology

Technology Media Data privacy Cyber threats

US Border Searches and Protesting in the Surveillance Age

Security Boulevard

APRIL 13, 2025

Planning to travel to the United States? This episode covers recent travel advisories regarding US border agents searching electronic devices, regardless of your citizenship status. Learn essential tips on smartphone security and how to protect your personal information, especially when attending protests.

Surveillance

Surveillance Data privacy Cyber threats InfoSec

Tackling Data Overload: Strategies for Effective Vulnerability Remediation

Security Boulevard

MARCH 16, 2025

In part one of our three part series with PlexTrac, we address the challenges of data overload in vulnerability remediation. Tom hosts Dahvid Schloss, co-founder and course creator at Emulated Criminals, and Dan DeCloss, CTO and founder of PlexTrac.

Penetration Testing

Penetration Testing Social Engineering Data privacy Cyber threats

Meta Ditches Fact-Checking for Community Notes, RedNote and the TikTok Ban

Security Boulevard

JANUARY 19, 2025

In this episode, we explore Metas recent decision to replace traditional fact-checking with community notes and its potential impact on misinformation. We also discuss the implications of a TikTok ban in the U.S., with users migrating to similar apps like RedNote.

Media

Media Data privacy Cyber threats InfoSec

Cyber Pearl Harbor Is Happening Right Now — It’s Ransomware

Daniel Miessler

SEPTEMBER 29, 2020

Since 2007 the InfoSec industry has been talking about TheBigOne™—the event that would change cyber threats from annoyances to existential concerns. They called it Cyber Pearl Harbor. A ransomware attack against the New Orleans city government in early 2020 cost the city over $7 million dollars.

Ransomware

Ransomware Government Social Engineering InfoSec

SANS Outlines Critical Infrastructure Security Steps as Russia, U.S. Trade Cyberthreats

eSecurity Planet

FEBRUARY 25, 2022

trading cyber threats – and one disputed NBC News report that outlined possible options presented to U.S. Kevin Holvoet of the Centre for Cybersecurity Belgium (CCB) said Russian-sponsored attacks in recent months against Ukraine and other targets have included: DDoS attacks on government, military, finance and communications.

B2B

B2B Cyber Attacks Firewall Cyber threats

Small and medium businesses need their own federal cyber policy, say advocates

SC Magazine

MAY 7, 2021

It should not be much of a surprise then, that SMB cybersecurity advocates are lobbying the Biden administration for small business-specific cybersecurity federal policies to complement an approach often focused on big players and government entities. Several issues exist solely due to scale. “I

Small Business

Small Business Government InfoSec Cybersecurity

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

State of Cybersecurity in Canada 2025: Key Insights for InfoSec Leaders

Trending Sources

New Leak Shows Business Side of China’s APT Menace

UN Breach Highlights Escalation of Cyber Threats

Are our infosec controls sufficient?

Secure Communications: Relevant or a Nice to Have?

Why Governments Worldwide Recommend Protective DNS

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Rise of Data Sovereignty and a Privacy Era

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

Spotlight: When Ransomware Comes Calling

DHS Launches Program to Hire 'World-Class Cybertalent'

Hack-for-Hire Campaign Targeting Climate Activists, Government Hypocrisy on Encryption

UK’s Secret Apple Backdoor Request, AI Chatbots Used For Stalking

Global Cybersecurity Skills Gap Still Widening Despite Growing Workforce

2020 Hindsight – Top 10 Highlights from McAfee

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

Thrive today with not just being smart but being cyber smart

AI and the Future of Work: What It Means for Cybersecurity and Beyond

Peer Report Explores Concerns, Challenges Facing Cybersecurity Leaders

From a tech explosion to accidental cyberattacks, researchers offer a glimpse into 2030

5 Essential Actions for Cybersecurity Leaders

QuoLab Technologies Recognized for its Commitment to Enhancing Security Operations

Following similar move in US, Europol prepares coup de gras for Emotet’s remains

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

10 Best Integrated Risk Management Solutions

Burnout: The Hidden Cost of Working in Cybersecurity & Other High Risk Fields

Cities of the Future or Hacker’s Paradise? The Cybersecurity Risks of Smart Cities

The 23andMe Collapse, Signal Gate Fallout

Top 5 Cybersecurity and Computer Threats of 2017

From Spreadsheets to Solutions: How PlexTrac Enhances Security Workflows

Verizon 2025 DBIR: Tenable Research Collaboration Shines a Spotlight on CVE Remediation Trends

Cyber CEO: A Look Back at Cybersecurity in 2021

Kids Online Safety Act (KOSA): Protecting Kids or Censorship?

Mark Zuckerberg’s Vision: AI Companions and the Loneliness Epidemic

US Border Searches and Protesting in the Surveillance Age

Tackling Data Overload: Strategies for Effective Vulnerability Remediation

Meta Ditches Fact-Checking for Community Notes, RedNote and the TikTok Ban

Cyber Pearl Harbor Is Happening Right Now — It’s Ransomware

SANS Outlines Critical Infrastructure Security Steps as Russia, U.S. Trade Cyberthreats

Small and medium businesses need their own federal cyber policy, say advocates

Stay Connected