It’s hard to comprehend living in a world where flawed or buggy code can take down so many critical systems and drain $5 billion in direct losses from Fortune 500 companies. And, it’s true that there’s no easy fix to this kind of problem.
But whether it’s preventing bad software updates or maintaining compliance among constant requirements and changes, organizations can implement several practical measures to improve their cybersecurity hygiene and reduce their risk exposure.
Read more…
Source: TechRadar
Related:
- Military leaders warn U.S. must prepare for cyber, infrastructure threat
June 16, 2023
The United States must immediately get ready for domestic, cyber-enabled attacks on critical domestic infrastructure and guard against foreign-initiated information operations targeted at the American people, according to speakers and panelists at an Association of the U.S. Army symposium on Wednesday in Arlington, Virginia. Mark Bristow, director of the Cyber Infrastructure Protection Innovation Center (CIPIC) at ...
- CISA and NSA Release Joint Guidance on Hardening Baseboard Management Controllers (BMCs)
June 14, 2023
Today, CISA, together with the National Security Agency (NSA), released a Cybersecurity Information Sheet (CSI), highlighting threats to Baseboard Management Controller (BMC) implementations and detailing actions organizations can use to harden them. BMCs are trusted components designed into a computer’s hardware that operate separately from the operating system (OS) and firmware to allow for remote management ...
- “.Zip” top-level domains draw potential for information leaks
June 13, 2023
As a result of Google’s announced sale of new TLDs that are also popular file extension formats, there is an increased risk with the deployment of the “.zip” domain that threat actors will develop new vectors for compromising victims. In early May 2023, Google released eight new TLDs, marketing the “.zip” domain as a way ...
- New bill would give CISA greater cyber outreach responsibilities
June 13, 2023
Lawmakers have introduced a new bipartisan bill that aims to equip the most frequent targets of ransomware attacks and underserved communities across the country with critical access to cybersecurity training, education and resources. The Cybersecurity Awareness Act would require the Cybersecurity and Infrastructure Security Agency to launch a new public-private campaign promoting cybersecurity best practices — ...
- CISA and Partners Release Joint Guide to Securing Remote Access Software
June 6, 2023
Today, CISA, Federal Bureau of Investigation (FBI), the National Security Agency (NSA), Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Israel National Cyber Directorate (INCD) released the Guide to Securing Remote Access Software. This new joint guide is the result of a collaborative effort to provide an overview of legitimate uses of remote access software, ...
- CISA Adds One Known Exploited Vulnerability to Catalog
May 26, 2023
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-2868 Barracuda Networks ESG Appliance Improper Input Validation Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Releases ...