SolarWinds Hack: U.S. Govt Failure is Deeply Worrying

SolarWinds Hack: U.S. Govt Failure is Deeply Worrying

The U.S. government is doing a piss-poor job of protecting Americans from foreign hackers ...
Security Boulevard
U.S. Indicts North Korean Hackers in Theft of $200 Million

U.S. Indicts North Korean Hackers in Theft of $200 Million

The U.S. Justice Department today unsealed indictments against three men accused of working with the North Korean regime to carry out some of the most damaging cybercrime attacks over the past decade, ...
STAR Webcast: Spooky RYUKy: The Return of UNC1878

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

On Monday, Oct. 27, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems ...
Feds Propose ‘911’ Emergency Call for Reporting Security Flaws; Experts Warn It’s Easier Said Than Done

Feds Propose ‘911’ Emergency Call for Reporting Security Flaws; Experts Warn It’s Easier Said Than Done

CISA drafts directive to create a vulnerability disclosure policy for government websites and apps Agency seeks to centralize the effort via a standard vulnerability disclosure platform service next spring Cybersecurity veteran Katie ...

Department of Homeland Security Cybersecurity: Top 10 Vulnerabilities Still Being Exploited

The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS CISA) recently released a list of the top 10 most commonly exploited software vulnerabilities across the last four years. Apache Struts ...
US Homeland Security Wants Subpoena Power to Get Data from ISPs about Vulnerable Systems

US Homeland Security Wants Subpoena Power to Get Data from ISPs about Vulnerable Systems

The US Cybersecurity and Infrastructure Security Agency (CISA), in charge of leading national cybersecurity and infrastructure resilience programs, wants a change to federal law that would allow it to inspect systems behind ...
FEC: Campaigns Can Use Discounted Cybersecurity Services

FEC: Campaigns Can Use Discounted Cybersecurity Services

The U.S. Federal Election Commission (FEC) said today companies can offer discounted cybersecurity services to political campaigns without running afoul of existing campaign finance laws, provided they already do the same for ...
US Homeland Security’s ICE demands Twitter release data on cryptic Flash Gordon account

US Homeland Security’s ICE demands Twitter release data on cryptic Flash Gordon account

Flash Gordon (@s7nsins), a mysterious Twitter user based in New Zealand, announced in a tweet that the US Department of Homeland Security’ Immigration and Customs Enforcement (ICE) sent Twitter an export enforcement ...
security testing

Equifax Confirms Hackers Broke In Through Apache Struts Flaw

U.S. credit reporting bureau Equifax confirmed Wednesday that the theft of personal information of more than 143 million consumers from its systems in May was the result of a vulnerability in the ...