Companies face difficult choices in blaming hackers for an attack
Publicly naming a hacking group can affect everything from retaliation to insurance coverage. Source link
Category: CyberSecurityDive
The CVE Program, a bedrock of global cyber defense, is teetering on the brink
A funding scare, AI and similar international initiatives are raising existential questions about the program’s future. Source link
Cybercrime groups speed up initial access handoff through planning, coordination
A report by Google Threat Intelligence Group also shows voice-based phishing has surged amid a rise in social engineering tactics. Source link
Network edge devices still widely used after reaching end-of-life status
A report by VulnCheck shows nation-state hackers often target flaws in aging routers, firewalls and VPNs. Source link
ISACs confront AI’s promise and peril for threat intelligence-sharing
Any use of AI for ISAC work must preserve members’ trust, representatives of three critical infrastructure sectors said. Source link
Stryker confirms cyberattack is contained and restoration underway
An assurance letter from Palo Alto Networks provides insight into the forensic investigation at the medical technology firm. Source link
Lockheed Martin targeted in alleged breach by pro-Iran hacktivist
The group is demanding millions of dollars to not sell the information to U.S. adversaries. Source link
DOJ confirms seizure of domains linked to Iran-backed threat actor
A group connected to Iranian intelligence used the same infrastructure to claim credit for the hack of medical technology firm Stryker. Source link
US, allies move to dismantle four high-volume IoT botnets
The armies of hacked computers and internet of things gadgets powered disruption and extortion campaigns that sometimes cost victims tens of thousands of dollars. Source…
Companies know AI is essential for cyber defense but aren’t yet seeing returns
The maturity of organizations’ AI oversight also varies significantly, according to a new EY survey of cybersecurity leaders. Source link
CISA urges organizations to harden endpoint security following Stryker attack
The agency is coordinating with the FBI and other agencies amid concerns about additional threat activity involving Microsoft Intune. Source link
Water utilities need hands-on cybersecurity help, not just free guidance, pilot program finds
In a new report, Microsoft criticized the federal government for scaling back support to critical infrastructure operators. Source link