The Latest

• 

  Easterly to step down from CISA director role on Inauguration Day

  CISA confirmed that political appointees of the Biden administration will also depart the agency as the Trump administration takes over.

  Leadership & Careers

• 

  Sponsored by Center for Internet Security

  Countering multidimensional threats: lessons learned from the 2024 election

  In 2024, election officials and law enforcement shared intelligence closely to counter complex threats.

  Threats

• 

  Splunk accelerates Cisco’s security business as core networking sales decline

  Security revenue doubled to $2 billion in Cisco’s recent quarter. Without Splunk’s contribution, its total revenue would have dropped 14%.

  Strategy

• 

  Palo Alto Networks’ customer migration tool hit by trio of CVE exploits

  CISA warned of two critical and actively exploited vulnerabilities in Expedition one week after another CVE came under active exploitation in the same product.

  Vulnerability

• 

  Microsoft revamps how it will disclose vulnerabilities

  The company said the additional disclosure method using the Common Security Advisory Framework will help organizations better prioritize CVEs.

  Vulnerability

• 

  Feds find ‘broad and significant’ China espionage campaign in US telecom networks

  The FBI and CISA warned the nation-state affiliated malicious activities are extensive and include the theft of sensitive call records and court-ordered information.

  Cyberattacks

• 

  National cyber director calls for streamlined security regulations

  Harry Coker Jr. assured critical infrastructure and private sector stakeholders that while standards are necessary, there is a need to harmonize burdensome compliance demands. 

  Strategy

• 

  5th Circuit dismisses Cargill employee’s Kronos hack, discrimination claims

  The decision is also a victory for UKG, whom the employee sued separately for privacy violation allegations stemming from a 2021 ransomware attack.

  Cyberattacks

• 

  Zero-days from top security vendors were most exploited CVEs in 2023

  The top five vulnerabilities exploited by attackers last year were found in security gear from Citrix, Cisco and Fortinet, the Five Eyes’ cyber agencies found.

  Vulnerability

• 

  Citrix Session Recording users warned of CVEs that allow hackers to gain control

  Security researchers at watchTowr discovered the flaw and claim attackers can gain access without authentication, a finding which Citrix disputes.

  Vulnerability

• 

  US hopes to leverage UN cybercrime treaty toward ransomware fight

  The Biden administration decided to back the controversial accord, despite widespread concerns about potential human rights abuses.

  Policy & Regulation

• 

  Critical Veeam CVE targeted by new ransomware variant

  Multiple ransomware variants are now targeting the CVE, which has a CVSS of 9.8. For customers, the risk of exploitation is only increasing.

  Vulnerability

• 

  Newpark Resources discloses October ransomware attack

  The incident occurred just two months after an attack against oilfield services giant Halliburton.

  Cyberattacks

• 

  Grocery giant Ahold Delhaize’s US operations disrupted by cyberattack

  The parent company said the disruption forced it to take certain systems offline and affected some pharmacies and e-commerce services.

  Cyberattacks

• 

  Opinion

  Who should be in the room when purchasing cyber insurance?

  Cyber exposure should be treated just as seriously as a fire event, each with a high potential to disrupt business for extended periods of time, Peter Hedberg of Corvus Insurance writes. 

  Strategy

• 

  Attackers target Palo Alto Networks’ customer migration tool

  An actively exploited vulnerability in Expedition allows attackers to achieve admin account takeover. The product reaches end of life in January.

  Cyberattacks

• 

  Halliburton incurs about $35M in expenses related to August cyberattack

  The company said the intrusion forced it to delay billing and collections, but the impact is not considered material.

  Cyberattacks

• 

  Tech executives reassess IT resilience in CrowdStrike outage aftermath

  Nearly all organizations have known operational weaknesses that leave IT systems vulnerable to service interruptions, according to Cockroach Labs.

  Strategy

• 

  TSA proposes cyber risk management programs for surface transportation, pipeline operators

  The proposed rule would also require the disclosure of cyber incidents to CISA and physical security concerns to TSA.

  Strategy

• 

  Microchip Technology reports $21.4M expense from August cyberattack

  The chipmaker said the financial impact from the attack was immaterial and largely linked to unscheduled factory outages.

  Cyberattacks

• 

  4 tech issues to watch in Trump’s second term

  AI, cloud and cybersecurity policies are in the spotlight ahead of the forthcoming Trump administration.

  Policy & Regulation

• 

  Google Cloud to mandate MFA for all users in 2025

  The policy change puts the three largest cloud providers — AWS, Microsoft Azure and Google Cloud — in position to have MFA mandates for some or all customers next year.

  Strategy

• 

  Columbus, Ohio confirms July ransomware attack compromised data of 500K people

  The city notified half a million people their personal information was at risk following the attack it attributed to a foreign threat actor.

  Cyberattacks

• 

  Schneider Electric investigating cyber intrusion after threat actor gains access to platform

  The French multinational company has been a previous target of ransomware groups.

  Breaches

• 

  Cyberattacks hit 1 in 3 SMBs last year

  Cyber woes for SMBs are exacerbated by a lack of resources to enact advanced security measures, Microsoft Security said in a report.

  Strategy

• 

  AI increases fraud risk, fintechs say

  Financial firms monitor for fraud by looking for unusual activity, but an artificial intelligence model can be trained to transact like a real person.

  Strategy

More stories