When ‘minimal impact’ isn’t reassuring: lessons from the largest npm supply chain compromise
Earlier this week, Aikido Security disclosed what is being described as the largest npm supply chain compromise to date. Attackers...
Read more →Category: cyberscoop
DHS watchdog finds mismanagement in critical cyber talent program
The Department of Homeland Security failed to effectively implement a critical retention incentive program for cyber talent, according to a...
Read more →
SonicWall firewalls targeted by fresh Akira ransomware surge
Researchers and authorities are warning that Akira ransomware attacks involving exploits of a year-old vulnerability affecting SonicWall firewalls are on...
Read more →
CISA work not ‘degraded’ by Trump administration cuts, top agency official says
A top official at the Cybersecurity and Infrastructure Security Agency on Thursday rejected concerns that personnel and program cuts at...
Read more →
F5 to acquire AI security firm CalypsoAI for $180 million
F5, a Seattle-based application delivery and security company, announced Thursday it will acquire Dublin-based CalypsoAI for $180 million in cash,...
Read more →
Wyden calls on FTC to investigate Microsoft for ‘gross cybersecurity negligence’ in protecting critical infrastructure
Sen. Ron Wyden, D-Ore., on Wednesday called for the Federal Trade Commission to investigate Microsoft, saying the company’s default configurations...
Read more →
China’s ‘Typhoons’ changing the way FBI hunts sophisticated threats
Major cyber intrusions by the Chinese hacking groups known as Salt Typhoon and Volt Typhoon have forced the FBI to...
Read more →
Three states team up in investigative sweep of companies flouting data opt-out laws
A joint investigative sweep across three states kicked off this week aimed at identifying companies that aren’t following opt-out laws...
Read more →
Apple’s new Memory Integrity Enforcement system deals a huge blow to spyware developers
Apple has unveiled a comprehensive security system called Memory Integrity Enforcement (MIE) that represents a five-year engineering effort to combat...
Read more →
The npm incident frightened everyone, but ended up being nothing to fret about
Security professionals and observers across the industry got swept into a pit of fear Monday when an attacker took over...
Read more →
Acting federal cyber chief outlines his three priorities for the next year
The U.S. government’s acting chief information security officer outlined his three priorities for federal cyber officials over the next year...
Read more →
Critical infrastructure security tech needs to be as good as our smartphones, top NSC cyber official says
The top cyber official at the National Security Council said Tuesday that he’s dismayed by the lag in security technology...
Read more →