By the end of 2023, GitHub will mandate that all code contributors secure their computers with at least one form of two-factor authentication (2FA) account protection. [Read More]
The U.S. government is barreling ahead with plans to mitigate future threats from quantum computing with a new White House memo directing federal agencies to jumpstart an all-hands-on-deck approach to migrating to quantum-resistant technologies. [Read More]
Idaho needs to be better prepared to defend against inevitable cyberattacks that could harm individuals, businesses and critical infrastructure, the Governor’s Cybersecurity Task Force said in a report. [Read More]
Cisco has issued another warning over the use of counterfeit switches, advising customers to update the software on devices before they are onboarded. [Read More]
Mandiant warns that a new threat actor is using backdoors to remain undetected for "an order of magnitude longer than the average dwell time of 21 days in 2021." [Read More]
Traceable AI, a startup building technology to reduce attack surfaces in APIs, has banked a new $60 million funding round that values the company at $450 million. [Read More]
Organizations need to look beyond preventive measures when it comes to dealing with today’s ransomware threats and invest in ransomware response, which improves their ability to prepare and quickly recover endpoints from ransomware attacks.
Many think open source intelligence is just another name for better googling. They are wrong. Good open source and threat intelligence are derived from three core capabilities.
Vendor agnostic technology, married with actionable, globally-sourced, and continually evolving intelligence, augmented by humans, is needed to defend our enterprises.
There are areas where governments can learn from the private sector and vice-versa, which will help both sides adapt more quickly and effectively to a continuously evolving threat environment.
Schools should take measures to identify and secure sensitive data, keep devices up-to-date, and ensure that their endpoint security controls are working.
The rise of social engineering tactics as well as risks associated with embedded vulnerabilities in contractor networks makes keeping this technology confidential and out of the hands of adversaries increasingly difficult.
Cyber resiliency measures (i.e., architectural design, technologies, operational practices) assume that today’s threat actors can achieve a foothold in an organization’s infrastructure and in turn post-exploit activities must be contained and eliminated.