NSA Issues Guidance on Securing Wireless Devices in Public Settings

FORT MEADE, Md. – NSA released the Cybersecurity Information Sheet, “Securing Wireless Devices in Public Settings” today to help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers identify potential threats and minimize risks to Read More …

Risks in Telecommunications IT

Telecommunications is just one aspect of a 200-year-old field of research in IT. In our latest report, “Islands of Telecoms: Risks in IT,” we liken this field to what seems to be separate islands that are in fact connected by Read More …

Biden pushes for stronger cybersecurity in critical infrastructure, wants companies to do more

President Joe Biden will sign a national security memorandum on Wednesday that aims to strengthen cybersecurity for critical infrastructure, as concern mounts about the vulnerability of the U.S. in the wake of a series of recent ransomware attacks. The memo Read More …

U.S., U.K., And Australia Issue Joint Cybersecurity Advisory

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA), Australian Cyber Security Centre (ACSC), United Kingdom’s National Cyber Security Centre (NCSC) and Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory today, highlighting the top Common Vulnerabilities and Exposures Read More …

Brazil creates cyberattack response network

Brazil has created a cyberattack response network aimed at promoting faster response to cyber threats and vulnerabilities through the coordination between federal government bodies. Created through a presidential decree signed on July 16, the Federal Cyber Incident Management Network will Read More …

Even after Emotet takedown, Office docs deliver 43% of all malware downloads now

Malware delivered over the cloud increased by 68% in Q2, according to data from cybersecurity firm Netskope. The company released the fifth edition of its Cloud and Threat Report that covers the cloud data risks, threats and trends they see Read More …

Industrial Networks Exposed Through Cloud-Based Operational Tech

The benefits of using a cloud-based management platform to monitor and configure industrial control systems (ICS) devices are obvious — efficiency, cost-savings and better diagnostics just for starters. But new research found critical vulnerabilities in these platforms that could be Read More …

DHS Announces New Cybersecurity Requirements for Critical Pipeline Owners and Operators

WASHINGTON – Today, in response to the ongoing cybersecurity threat to pipeline systems, DHS’s Transportation Security Administration (TSA) announced the issuance of a second Security Directive that requires owners and operators of TSA-designated critical pipelines that transport hazardous liquids and Read More …

TeamTNT Campaigns Emphasize Importance of Addressing Cloud Security Gaps

Having covered TeamTNT in several of our blog entries over the past couple of years, we embarked on a research that encompasses the malicious actor group’s campaigns, tools, and techniques in 2020 and early 2021. Although believed to have been Read More …

Bug bounty platform urges need for firms to have vulnerability disclosure policy

Organisations should provide a proper channel through which anyone can report vulnerabilities in their systems. This will ensure potential security holes can be identified and plugged before they are exploited. Establishing a vulnerability disclosure policy (VDP) also would provide assurance Read More …