Members of a notorious Iranian hacking crew are using false personas to steal credentials and access victim cloud environments, per a new Mandiant report.
The draft cyber incident reporting rule faced significant pushback during a House hearing Wednesday, with industry groups arguing for a narrower reporting requirement.
National Security Memorandum 22 represents a good first step to better protect America’s critical infrastructure.
UnitedHealth Group CEO Andrew Witty tells Senate committee that Change Healthcare didn’t have MFA enabled on the server that was attacked in February, resulting in a $22 million ransom payment.
Other sectors that the hacktivists — who sometimes pose physical threats — are targeting in North America and Europe include energy and agriculture, according to a Wednesday advisory.
Verizon’s annual data breach report identified the MOVEit hack as the “poster child” of the phenomenon.
The director of the agency told the House Appropriations Committee that a $150 million fund would allow CISA to bolster three key initiatives.
A revised policy document aims to clarify the roles and responsibilities of federal agencies responsible for securing U.S. critical infrastructure.
At a White House event, the Office of the National Cyber Director and others encouraged a shift away from hiring based on degrees or years of experience.
The Federal Communications Commission levied nearly $200 million in fines against four telecommunications giants Monday following an agency investigation that concluded the companies had sold location data of customers without their consent.
The guidance for owners and operators in the 16 critical infrastructure sectors cover the opportunities and threats AI might pose.
State officials in Georgia have severed Coffee County’s access to statewide election systems while the breach is being addressed.