Security Boulevard

DECEMBER 6, 2023

A security flaw in Adobe’s ColdFusion application development tool that was patched in March continues to be a headache for organizations running unpatched versions of the product. The post CISA: Hackers Use ColdFusion Flaw to Breach Federal Agency appeared first on Security Boulevard. This week, the U.S.

Government 62

Government Cybersecurity Malware Network Security 62

Schneier on Security

AUGUST 11, 2020

Anomaly Six is a federal contractor that provides global-location-data products to branches of the U.S. government and private-sector clients. And I'm sure they sell to the US government; it's legal and why would they forgo those sales? The company told The Wall Street Journal it restricts the sale of U.S.

Mobile 265

Mobile Government Internet Internet 265

Adam Levin

SEPTEMBER 28, 2020

federal, state, and local government agencies, announced that its internal systems were hacked last week. . The company, which provides election, information management and emergency management systems to over 15,000 government offices across the country, announced the hack after its website was taken offline Wednesday, September 23.

Technology 208

Technology Software Government Ransomware 208

Dark Reading

SEPTEMBER 23, 2022

The bug allows unauthenticated code execution on the company's firewall products, and CISA says it poses "significant risk" to federal government.

Firewall 93

Firewall Government Risk 93

Krebs on Security

OCTOBER 17, 2023

ARIN’s civil case caught the attention of federal prosecutors in South Carolina, who in May 2019 filed criminal wire fraud charges against Golestan , alleging he’d orchestrated a network of shell companies and fake identities to prevent ARIN from knowing the addresses were all going to the same buyer.

Internet 285

Internet Internet VPN Marketing 285

CSO Magazine

MARCH 16, 2022

Germany’s Federal Office for Information Security (BSI) has warned businesses against using Kaspersky virus protection products amid concerns of Russian technology being coerced by Russian government agents and forced to attack target systems against its will or spied on. federal agencies in 2017.

Government 95

Government Technology Information Security 95

The Last Watchdog

DECEMBER 14, 2023

Nearly $400 million was lost as 28 Toyota production lines shut down. Rebecca Krauthamer , Co-founder and CPO, QuSecure Krauthamer As new standards for quantum-resilient cryptography come into effect, many government agencies will move toward quantum-readiness. Their guidance: Snehal Antani , CEO, Horizon3.ai

Cybersecurity 201

Cybersecurity Marketing Encryption CISO 201

Krebs on Security

JUNE 15, 2023

government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.

Risk 202

Risk VPN Internet Internet 202

Schneier on Security

NOVEMBER 24, 2021

NSO Group’s Pegasus spyware is favored by totalitarian governments around the world, who use it to hack Apple phones and computers. Apple’s lawsuit seeks to ban NSO Group from further harming individuals by using Apple’s products and services.

Spyware 289

Spyware Hacking Government Malware 289

Malwarebytes

MARCH 5, 2024

A California federal judge has ordered spyware maker NSO Group to hand over the code for Pegasus and other spyware products that were used to spy on WhatsApp users. NSO Group is closely regulated by the Israeli ministry of defense, which reviews and has to approve the sale of all licenses to foreign governments or entities.

Spyware 129

Spyware Government Mobile Encryption 129

Krebs on Security

JUNE 10, 2022

At the outset of their federal criminal trial for hijacking vast swaths of Internet addresses for use in large-scale email spam campaigns, three current or former executives at online advertising firm Adconion Direct (now Amobee ) have pleaded guilty to lesser misdemeanor charges of fraud and misrepresentation via email.

Government 245

Government Marketing Internet Internet 245

Joseph Steinberg

MARCH 8, 2022

CyberSecurity Expert Joseph Steinberg and US Congresswoman Claudia Tenney (NY 22) will discuss the cybersecurity threat posed by China to the USA, and how differing security policies at federal and state levels are aggravating matters for Americans in this regard.

Cybersecurity 130

Cybersecurity Artificial Intelligence Government Technology 130

Schneier on Security

FEBRUARY 4, 2021

Department of Agriculture, was among the affected organizations, raising fears that data on thousands of government employees may have been compromised. […]. Reuters was not able to establish how many organizations were compromised by the suspected Chinese operation.

Hacking 344

Hacking Software Banking Risk 344

CyberSecurity Insiders

JUNE 16, 2022

Ireland government has proclaimed that it is joining Microsoft Government Security Program (GSP) and so will be getting needed help in defending its country’s critical infrastructure from cyber attacks. NOTE 1- GSP is being offered by the American tech giant for people to trust in its products and services.

Government 124

Government Cyber Attacks Software Cybersecurity 124

CyberSecurity Insiders

MARCH 16, 2022

Kaspersky has hit back at the recently released advisory of German authorities that urges organizations to stop using products of the said Anti Virus firm, due to the tensions prevailing between the West and the Russian federation. Ours is a private firm and has nothing to do with the actions of the Russian government in any form.

Government 93

Government Threat Detection Engineering Information Security 93

Security Affairs

NOVEMBER 16, 2022

Iran-linked threat actors compromised a Federal Civilian Executive Branch organization using a Log4Shell exploit and installed a cryptomining malware. Log4Shell impacts the products of several major companies that use Log4j, but in many attacks, the vulnerability has been exploited against affected VMware software. Pierluigi Paganini.

Government 119

Government Hacking Malware Software 119

Krebs on Security

JANUARY 23, 2019

federal government shutdown is having a tangible, negative impact on cybercrime investigations, according to interviews with federal law enforcement investigators and a report issued this week by a group representing the interests of FBI agents. The loss in productivity and pertinent intelligence is immeasurable.”

Government 253

Government Media Internet Internet 253

Krebs on Security

DECEMBER 18, 2020

government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets. 3, and said it learned about the flaw from the NSA. .” ” Also on Dec.

Software 355

Software Authentication Hacking Government 355

Security Affairs

FEBRUARY 1, 2024

CISA is ordering federal agencies to disconnect Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours. For the first time since its establishment, CISA is ordering federal agencies to disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours.

VPN 113

VPN Authentication Software Malware 113

Security Affairs

SEPTEMBER 21, 2022

Federal Communications Commission (FCC) has added more Chinese telecom firms to the Covered List. Federal Communications Commission (FCC) has added Pacific Network Corp, ComNet (USA) LLC, and China Unicom (Americas) Operations Limited, to the Covered List. ” reads the announcement published by the FCC. national security.

Telecommunications 98

Telecommunications Mobile Government Risk 98

CyberSecurity Insiders

MARCH 4, 2022

As Russian President Putin is in a mindset of finishing the war only after he takes control of all Ukrainian cities, tech companies from America are announcing their retaliation backed business withdrawals in the said region, in compliance with the government sanctions.

Cyber Attacks 116

Cyber Attacks Government Software Technology 116

SecureWorld News

JANUARY 29, 2024

The mandate under the Defense Production Act is part of sweeping measures to manage the risks of AI laid out in a recent Executive Order. However, Nicole Carignan, Vice President of Strategic Cyber AI at Darktrace, said that government and industry partnerships are key for achieving more secure, ethical AI. "AI Department of Commerce.

Artificial Intelligence 93

Artificial Intelligence Data privacy Government Healthcare 93

Security Boulevard

MARCH 3, 2023

Have you started pulling together information for the government’s requirement of self-attestation as to the security practices you follow in your SDLC for any software used or purchased by the U.S. federal government?

CISO 111

CISO Cybersecurity Insurance Software 111

Security Affairs

DECEMBER 5, 2023

CISA warns that threat actors are actively exploiting a critical vulnerability in Adobe ColdFusion to breach government agencies. Cybersecurity and Infrastructure Security Agency (CISA) is warning about threat actors actively exploiting a critical vulnerability ( CVE-2023-26360 ) in Adobe ColdFusion to breach government agencies.

Government 116

Government Malware Software Hacking 116

Malwarebytes

MARCH 7, 2024

Intellexa is based in Greece but the Treasury Department imposed the sanctions because of the use of the spyware against Americans, including US government officials, journalists, and policy experts. The Entity List is a trade control list created and maintained by the US government.

Spyware 105

Spyware Surveillance Government Risk 105

Security Boulevard

MARCH 14, 2023

One of the requirements of Executive Order 14028, issued in May 2021 and designed to improve the nation’s cybersecurity, is that software producers who supply the federal government provide a software bill of materials (SBOM) for each product.

Government 52

Government Software Cybersecurity 52

Security Boulevard

SEPTEMBER 10, 2022

Cloud companies that wish to do business with the United States federal government can only do so if they receive authorization under the Federal Risk and Authorization Management Program (FedRAMP).

Government 70

Government Risk 70

eSecurity Planet

JANUARY 22, 2021

As more information about IoT device vulnerabilities is published, the pressure on industry and government authorities to enhance security standards might be reaching a tipping point. government, standards will not apply to the IoT market at-large. government, standards will not apply to the IoT market at-large.

IoT 143

IoT Cybersecurity Manufacturing Government 143

Krebs on Security

MARCH 5, 2021

Cybersecurity & Infrastructure Security Agency (CISA), other government agencies, and security companies, to ensure it is providing the best possible guidance and mitigation for its customers. ” the government cybersecurity expert said. ’ But how are they securing their non-cloud products?

Hacking 363

Hacking Software Government Internet 363

Security Affairs

DECEMBER 14, 2020

Hackers broke into the networks of federal agencies and FireEye by compromising SolarWinds’ Orion Network Management Products. The US agency is calling on all federal civilian agencies to review their networks for indicators of compromise power down SolarWinds Orion products immediately. .

Software 129

Software Hacking Telecommunications Government 129

SecureWorld News

MAY 18, 2022

Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive requiring F ederal Civilian Executive Branch (FCEB) agencies to update specific VMWare products or remove them from agency networks until the update can be applied.

Risk 78

Risk Engineering Authentication Government 78

Security Boulevard

SEPTEMBER 19, 2022

Most organizations develop three to five-year phasing plans for most IT and cyber products to align with the manufacturer’s end-of-development, end-of-support, and end-of-life product life cycles and keep up with the latest security risks. Separating Product Sunsetting from Process. The risk of products going early end of life.

Cybersecurity 98

Cybersecurity Architecture Risk Insurance 98

Security Affairs

NOVEMBER 24, 2022

The British government banned the installation of Chinese-linked security cameras at sensitive facilities due to security risks. Reuters reports that the British government ordered its departments to stop installing Chinese security cameras at sensitive buildings due to security risks. Federal Communications Commission (FCC).

Government 96

Government Surveillance Risk Manufacturing 96

Thales Cloud Protection & Licensing

SEPTEMBER 2, 2021

To achieve its goal, the EO sets forward specific requirements: “The Federal Government must adopt security best practices; advance toward Zero Trust Architecture ; accelerate movement to secure cloud services” [Section 3(a)]. develop a Federal cloud-security strategy and provide guidance to agencies accordingly” [Section 3(c)(i)].

Cybersecurity 126

Cybersecurity Architecture Government Encryption 126

CSO Magazine

MARCH 21, 2023

Ping Identity, a Colorado-based IAM software vendor, is making a new product, PingOne Neo, available in a limited early access program. PingOne Neo is designed as a decentralized platform, as opposed to the heavily federated systems commonly in use. It works something like a wallet, according to the company.

Mobile 78

Mobile Marketing Government Software 78

Security Boulevard

MARCH 21, 2023

More and more organizations are deploying a software bill of materials (SBOM) to identify and track the various components of the software products they develop or use. federal government mandates, improve the software supply chain or some other reason. What’s in an SBOM? The post What’s in an SBOM?

Software 52

Software Government Risk 52

Security Affairs

FEBRUARY 12, 2023

Australia’s Defense Department announced that they will remove surveillance cameras made by Chinese firms linked to the government of Beijing. Australia’s Defense Department is going to replace surveillance cameras made by Chinese firms Hikvision and Dahua, who are linked to the government of Beijing. ” reported The Guardian. .”

Surveillance 97

Surveillance Government Manufacturing Risk 97