The Latest

• 

  National cyber director calls for deterrence against China-affiliated cyber threats

  Harry Coker Jr. said China and other adversaries cannot be allowed free reign to conduct malicious cyber activities.   

  Strategy

• 

  White House program to certify the security of IoT devices goes live

  The White House is also working on an executive order to limit federal purchasing of connected products that meet the minimum security standards under the program.

  Strategy

• 

  Investors narrow scope of cyber funding deals in 2024

  Total funding was up 9% year over year to $9.5 billion. More than half of all dollars raised went to late-stage rounds, Pinpoint Search Group said.

  Strategy

• 

  CISA says hack targeting Treasury Department did not impact other federal agencies

  BeyondTrust says an investigation of a December attack spree is nearing completion and SaaS instances are fully patched. Hackers used a stolen key to attack Treasury workstations.

  Vulnerability

• 

  AT&T, Verizon say they evicted Salt Typhoon from their networks

  Two of the largest telecom providers in the U.S. said the China-government sponsored threat group is no longer embedded in their networks.

  Cyberattacks

• 

  US Treasury office sanctions firm connected to state-sponsored Flax Typhoon threat group

  A Beijing-based cybersecurity company, Integrity Technology Group Inc., is linked to years of exploitation activity targeting U.S. critical infrastructure.

  Threats

• 

  What companies need to help secure AI

  Experts say MLOps will bridge the gap between development and operations, creating room for the inclusion of security and privacy practices, too.

  Strategy

• 

  Censys researchers warn 8,600 BeyondTrust instances still exposed

  As authorities investigate a December attack spree, the researchers added the caveat that not all instances are considered vulnerable.

  Breaches

• 

  SEC cybersecurity enforcement outlook uncertain as Trump 2.0 looms

  With issues such as cryptocurrency and climate change facing the next SEC chair, it’s unclear whether rolling back cybersecurity rules will be high on the priority list.

  Policy & Regulation

• 

  Cyber leaders are bullish on generative AI despite risks: report

  Executives say they would overhaul tooling in exchange for better generative AI capabilities, according to a CrowdStrike survey.

  Strategy

• 

  Hackers leaked data from Rhode Island ransomware attack, officials warn

  A criminal threat group had previously threatened to leak sensitive data from a Deloitte-managed social services database.

  Breaches

• 

  Treasury Department says state-linked hacker gained access to unclassified data in major attack

  The compromise of agency workstations is linked to a previously disclosed compromise of certain BeyondTrust customers.

  Breaches

• 

  White House says 9th telecom company hit in Salt Typhoon spree

  A senior official blamed the intrusions on lax security and said in one case the compromise of a single administrator account led to access of over 100,000 routers.

  Strategy

• 

  BeyondTrust customers hit by wave of attacks linked to compromised API key

  The cybersecurity vendor said an attacker compromised its access-management tool and reset customer passwords.

  Vulnerability

• 

  Researchers warn of active exploitation of critical Apache Struts 2 flaw

  Exploitation activity was observed about a week after the CVE was disclosed. 

  Vulnerability

• 

  Ascension cyberattack exposes data from 5.6M people

  The breach is the third largest reported to a portal managed by federal regulators this year.

  Breaches

• 

  Mandiant traces Cleo file-transfer exploits back to October

  The threat intelligence firm observed deployment of backdoors, but has not seen mass data theft thus far.

  Updated Dec. 19, 2024

  Vulnerability

• 

  CISA mobile security advice gets personal in wake of telecom intrusions

  The agency’s recommendations are not for the technically inept. Yet the extraordinary measures, including the use of encrypted apps, are applicable to all audiences.

  Strategy

• 

  Flagstar fined $3.5M for ‘misleading’ after 2021 cyberattack

  The bank “negligently made” materially misleading statements after a hack that resulted in the theft of 1.5 million customers’ personally identifiable information.

  Cyberattacks

• 

  Rhode Island officials warn residents as ransomware group threatens social services data leak

  The personal data of hundreds of thousands of vulnerable residents is at risk after a threat group attacked a state social services database.

  Breaches

• 

  CISA orders federal agencies to meet security baselines in Microsoft 365

  The mandate to secure cloud environments is responsive to recent cybersecurity incidents, but not one specific threat, agency officials said.

  Updated Dec. 18, 2024

  Policy & Regulation

• 

  CISA’s pre-ransomware alerts nearly doubled in 2024

  The federal agency’s efforts to improve defenses surged in fiscal year 2024. Yet, attacks continue to climb.

  Strategy

• 

  Pennsylvania representative pitches bill to double cyber assistance for local water systems

  The proposed legislation comes amid a surge in ransomware and state-linked attacks against U.S. water utilities.

  Strategy

• 

  Cleo releases CVE for actively exploited flaw in file-transfer software

  Researchers confirmed a new zero-day vulnerability is separate from a flaw originally disclosed in October. A notorious ransomware group linked itself to the attacks.

  Vulnerability

• 

  CISA, ONCD propose updated National Cyber Incident Response Plan

  The updated framework is designed to bolster the government’s partnership with private-sector organizations in the wake of an attack.

  Policy & Regulation

More stories