Cybersecurity Snapshot: NIST’s Cybersecurity Framework Gets Major Update, as Advisories on APT29 and ALPHV Blackcat Get Rolled Out
Check out what’s new in NIST’s makeover of its Cybersecurity Framework. Plus, the latest guidance on cyberattack groups APT29 and ALPHV Blackcat. Also, how to assess the cybersecurity capabilities of a generative AI LLM. And the most prevalent malware in Q4. And much more!...
How To Secure All of Your Assets - IT, OT and IoT - With an Exposure Management Platform
Enterprise security teams face serious hurdles to safeguarding their critical OT/IoT infrastructure, including fragmented visibility, unanticipated risks and data silos. Discover how purpose-built solutions for OT/IoT exposure management can help organizations enhance visibility, prioritize cybersec...
Cybersecurity Snapshot: LockBit Gang Gets Knocked Down, as CISA Stresses Security of Water Plants
Check out how cyber agencies from multiple countries hit the LockBit ransomware group. Meanwhile, CISA wants water treatment plants to button up their cyber defenses. Plus, there’s a new generative AI governance checklist for tech and business leaders. And the White House seeks to boost ports' cyber...
IDC Ranks Tenable No. 1 in Worldwide Device Vulnerability Management Market Share for the Fifth Consecutive Year
The research firm’s latest report also provides market insights that security professionals can use to improve their vulnerability management strategy....
Cybersecurity Snapshot: ChatGPT Gets So-So Grade in Code Analysis Test, while JCDC Pledges To Focus on Protecting Critical Infrastructure
Check out why ChatGPT’s code analysis skills left Carnegie Mellon researchers unimpressed. Plus, JCDC will put special focus on critical infrastructure security in 2024. Meanwhile, CISA and OpenSSF shine a spotlight on the security of software package repositories. And scammers leveraged tech tools ...
Shoring Up Water Security: Industry Leaders Testify Before Congress
The House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection recently brought together industry leaders and stakeholders to discuss the urgent need for protective measures, baseline cybersecurity standards and collaboration initiatives to fortify the nation’s critical wate...
Cybersecurity Snapshot: Critical Infrastructure Orgs Must Beware of China-backed Volt Typhoon, Cyber Agencies Warn
The Volt Typhoon hacking gang is stealthily breaching critical infrastructure IT environments so it can strike on behalf of the Chinese government, cyber agencies say. Plus, ransomware gangs netted $1 billion-plus in 2023. In addition, new group tasked with addressing the quantum computing threat dr...
Keep the Water Flowing for the DoD: Securing Operational Technology from Cyberattacks
Malicious actors are ramping up attacks against water and wastewater systems (WWS), which are not only attractive targets but also complex to protect. The U.S. Department of Defense (DoD) in particular operates a large number of WWS facilities. Read on to learn how a strong cybersecurity program can...
Cybersecurity Snapshot: Attackers Hack Routers To Hit Critical Infrastructure, as CISA Calls for More Secure Router Design
CISA is calling on router makers to improve security, because attackers like Volt Typhoon compromise routers to breach critical infrastructure systems. Meanwhile, data breaches hit an all-time high in the U.S. Plus, Italy says ChatGPT violates EU privacy laws. And a cyber expert calls on universitie...
Poor Identity Hygiene at Root of Nation-State Attack Against Microsoft
The latest breach suffered by Microsoft shows once again that detection and response are not enough. Because the source of an attack almost always boils down to a single overlooked user and permission, it’s critical for organizations to have strong preventive security....
Cloud Leaders Sound Off on Key Challenges
Too many identities, systems and cooks in the kitchen cloud an already complex mandate....
Cybersecurity Snapshot: New Guide Details How To Use AI Securely, as CERT Honcho Tells CISOs To Sharpen AI Security Skills Pronto
Cyber agencies from multiple countries published a joint guide on using artificial intelligence safely. Meanwhile, CERT’s director says AI is the top skill for CISOs to have in 2024. Plus, the UK’s NCSC forecasts how AI will supercharge cyberattacks. And a global survey shows cyber pros weighing pro...