How crisis communications factor into a cyberattack

Op-ed: Wire CEO Morten Brøgger wonders why CIOs and CISOs wait until its too late to stand up secure communications inside their enterprise.

technology news

This Chinese hacking group pwned a bunch of Mongolian government sites

by Chris Bing • 3 days ago

A Chinese hacking group broke into a national data center in Mongolia late last year, quietly planting malware into local government websites.

Diplomacy won’t stop North Korean hacking, South Korean officials say

by Ryan Duffy • 4 days ago

Two top South Korean cybersecurity experts cautioned Thursday that their country is not prepared to stem the tide of North Korean hacking, regardless of two recent summits with Pyongyang that have taken place.

Hackers mined $90,000 worth of Monero with a simple Docker Hub trick

by Zaid Shoorbajee • 4 days ago

The malicious images were stored on Docker Hub for about a year before they were taken down.

Forcepoint execs: CrowdStrike's warranty is nothing more than marketing

by Greg Otto • 4 days ago

Forcepoint CEO Matt Moynahan: "It probably puts you on the defensive more so than not."

Forcepoint CEO: Stop focusing on tech and start focusing on people

by Greg Otto • 5 days ago

"We have to start thinking about people and data, and not necessarily infrastructure,” Matt Moynahan said at the Cybersecurity Leadership Forum.

National labs will probe election tech for vulnerabilities under planned DHS program

by Chris Bing • 5 days ago

The government is currently planning a cybersecurity program that would allow federally funded national scientific laboratories to privately probe and then document security flaws existing in U.S. election technology, most of which is developed and sold by private companies, according to a senior U.S. official.

DHS cyber specialist: look for behavior patterns with APTs

by Sean Lyngaas • 1 week ago

To better track advanced hacking groups, U.S.-based companies should watch for signals in human behavior instead of changing tactics.

Claroty raises $60 million to protect industrial networks from 'perfect storm' of cyberthreats

by Zaid Shoorbajee • 1 week ago

Claroty looks to protect operational technology networks from cyberthreats as industrial control systems become increasingly connected and targeted.

Flash zero-day shows up in Qatar amid geopolitical struggles

by Chris Bing • 2 weeks ago

The findings come as Qatar faces significant geopolitical struggles, including a trade blockade established by its neighbors.

Capgemini to buy commercial cybersecurity arm of Leidos

by Zaid Shoorbajee • 2 weeks ago

The French company hopes the acquisition will strengthen its North American presence.

Congress wants to prevent states from weakening encryption

by Sean Lyngaas • 2 weeks ago

A bipartisan group of House lawmakers has reintroduced legislation that would preempt any attempts by states to weaken encryption.

House panel rejects call for cyberthreat report on ZTE amid possible Trump deal

by Sean Lyngaas • 2 weeks ago

On the heels of a reported U.S. deal with embattled Chinese telecom company ZTE, American lawmakers rejected a measure that would have directed the Department of Homeland Security to provide more information on any cybersecurity risks posed by the company.

Russian-linked VPNFilter malware is even worse than originally thought, new research suggests

by Chris Bing • 2 weeks ago

A malware framework that's already infected hundreds of thousands of routers across the globe — particularly in Ukraine — appears to be even more dangerous than originally thought, according to new findings by Cisco Talos.

CrowdStrike announces $1 million warranty for breaches that happen under its watch

by Zaid Shoorbajee • 2 weeks ago

Organizations generally have to bear all the cost of a breach, even if they retain a cybersecurity company. CrowdStrike is offering a warranty.

Widespread ‘Zip Slip’ vulnerability affects AWS, HP tools, researchers say

by Sean Lyngaas • 2 weeks ago

A new widespread vulnerability that lets an attacker execute remote code affects Web development tools offered by Amazon Web Services, HP, and other companies, according to secure-coding startup Snyk.

PGP creator Phil Zimmermann joins StartPage.com to develop 'next-generation PGP'

by Patrick Howell O'Neill • 2 weeks ago

Zimmerman is best known as the creator of "Pretty Good Privacy" (PGP), an email encryption program first developed in 1991.

Data from 92 million accounts stolen from DNA testing site MyHeritage

by Patrick Howell O'Neill • 2 weeks ago

The customer DNA and genealogy data that makes up the heart of the company's work is stored on systems segregated from the breached material, the company said.

Synack offers free penetration testing for election systems ahead of 2018 midterms

by Chris Bing • 2 weeks ago

Another private company is offering free services to campaigns and election officials ahead of the 2018 midterm elections.

The zero-day industry tries 'transparency' in Dubai

by Patrick Howell O'Neill • 2 weeks ago

In an industry that tends to be quiet by design, Crowdfense is deliberately making noise.

DHS: 'Nefarious actors' could be exploiting SS7 flaw

by Sean Lyngaas • 2 weeks ago

The Department of Homeland Security has received reports that “nefarious actors” may be exploiting cellular communication vulnerabilities to spy on Americans, according to Chris Krebs, a senior DHS official.

Continue to CyberScoop.com