According to a survey conducted by Imprivata conducted by WBR Insights, healthcare cybersecurity leaders reported using multi-factor authentication (MFA), identity and access management (IAM), and privileged access management (PAM) solutions to reduce…

The German Federal Office for Information Security (BSI) has released an IT baseline protection profile for space infrastructure in response to concerns that attackers may turn their attention to the sky. The document resulted from work by Airbus Defence…

The threat actor behind the AstraLocker ransomware claims they are ceasing operations and intend to transition to cryptojacking. The creator of the ransomware uploaded a ZIP archive containing AstraLocker decryptors to the VirusTotal malware detection…

MITRE's Center for Threat Informed Defense now provides a free Chrome browser extension called ATT&CK Powered Suit that enables instant searching of the ATT&CK framework knowledge base by right-clicking on a term. Mark Haase and Jon Baker, the…

An investigation conducted by ITV News into cybersecurity at UK public services revealed a significant disparity in defense budgets, hundreds of website vulnerabilities, and staff email addresses and passwords at one council posted in full online.  …

It was recently discovered that a malicious third party compromised the British army’s Twitter and YouTube accounts and used them to direct visitors to cryptocurrency scams.  After discovering the accounts were hacked, it took 4 hours to regain…

OpenSea, the largest nonfungible token (NFT) marketplace with nearly 2 million users, revealed that an employee of one of its email vendors, Customer.io, gained access to and downloaded the company's email list. It also stated that anyone who has…

The PCI Security Standards Council (PCI SSC) has released version 4.0 of the PCI Data Security Standard (PCI DSS). PCI DSS is a global standard that provides a baseline of technical and operational requirements designed to protect account data. PCI DSS…

Researchers have released details on the steps ransomware actors have taken to conceal their true identity online, as well as the location of their web server infrastructure. According to Cisco Talos researcher Paul Eubanks, most ransomware operators…

A threat actor that has not yet been identified is offering databases containing more than 22 gigabytes of stolen data on approximately 1 billion Chinese residents for 10 bitcoins worth $195,000. The disclosure was made on a hacker forum by a user going…

Morgan Livingston, an expert focused on Artificial Intelligence (AI) policy, suggests using a sociotechnical approach to leveraging and securing Machine Learning (ML). ML is a critical capability in a defense environment that relies on rapidly converting…

The publishing giant Macmillan is trying to recover from a ransomware attack that prevented it from electronically processing orders. Although no ransomware gang claimed responsibility for the attack, employees took to Twitter to discuss the…