Cybersecurity News, Awards, Webinars, eSummits, Research

A Biden administration March 27 executive order restricts the way federal agencies can use commercial spyware, such as the NSO Group’s Pegasus spyware. (Photo by MENAHEM KAHANA/AFP via Getty Images)

Biden order puts new guardrails around government purchase, use of commercial spyware

Derek B. JohnsonMarch 27, 2023

Executive order bans U.S. agencies from purchasing or using certain commercial spyware programs, but exceptions for spyware testing and research are built in.

WHITEPAPER

The Automated Phishing Identification & Response Buyer’s Guide

PODCASTS

RESOURCES

FEATURED

Entries are open for the SC Awards, honoring cybersecurity companies, people and products. (Stock/Getty Images)

Calling all cyber companies: SC Awards entry period is open

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Careers

North Dakota to require cybersecurity education in public schools

Stephen WeigandMarch 27, 2023

North Dakota became the first state in the U.S. to require cybersecurity and computer science to be taught in public schools.

Malware

New IcedID malware variants shift from banking trojans to ransomware

Steve ZurierMarch 27, 2023

Security researchers say shift by IcedID to ransomware shows that threat actors are always evolving and it’s dangerous to typecast them.

Application security

Twitter moves to squash leak of source code, petitions court to identify leaker

Menghan XiaoMarch 27, 2023

In the request submitted via an online copyright infringement form, Twitter's general counsel asked GitHub to preserve and provide copies of any relevant information related to the account “FreeSpeechEnthusiast,” including its upload, download, access history, contact information, and IP addresses.

Email security

Fraudsters using BEC tactics to target tech vendors, other industries

Stephen WeigandMarch 27, 2023

The FBI is warning that criminals are using business email compromise (BEC) tactics to target vendors in a variety of industries, including computer hardware vendors, to obtain their products without paying.

Dish Network suffers massive multi-day outage

Ransomware

Dish customers struggle with service disruptions weeks after ransomware attack

Menghan XiaoMarch 24, 2023

Customers complain that they are still having payment issues and are not able to contact customer service weeks after Dish Network suffered a ransomware attack.

A man holds a smartphone with checkout icons floating around

Vulnerability management

Patch released for critical vulnerability in WooCommerce Payments plug-in

Steve ZurierMarch 24, 2023

WooCommerce Payments runs on more than 220,000 websites, so security teams that use the platform need to patch immediately or risk unauthenticated administrative takeover of their websites.

Cloud security

New CISA tools support detection of malicious activity in Microsoft Azure

Jessica DavisMarch 24, 2023

CISA’s Untitled Goose Tool aims to support network defenders with finding and detecting malicious activity in Microsoft Azure, Active Directory, and Microsoft 365 environments.

Biden order puts new guardrails around government purchase, use of commercial spyware

WHITEPAPER

The Automated Phishing Identification & Response Buyer’s Guide

PODCASTS

RESOURCES

FEATURED

Calling all cyber companies: SC Awards entry period is open

Get daily email updates

Perspectives

Three ways to keep the National Cybersecurity Strategy on track

The National Cybersecurity Strategy teaches us that collaboration must reign supreme

How Chromium unlocked tech’s hottest new category: the enterprise browser

Three reasons why security teams should start a modern SSE network security journey with zero-trust-network access

ChatGPT will empower a new generation of threat actors, putting pressure on defenders to keep up

In Brief

BreachForums admin takedown detailed

Cyberattack at Puerto Rico water authority under federal probe

Proposed TikTok ban legislation to move forward in House

Sensitive ChatGPT data exposed by vulnerability

Clop GoAnywhere attacks compromise Procter & Gamble

More Resources

Top ransomware controls and where MDR fits in

How to declutter DevSecOps with DAST

Deploying MDR: Quotes from the experts

How tech clutter complicates DevSecOps

Threat Hunting: Moving beyond reactive intelligence

North Dakota to require cybersecurity education in public schools

New IcedID malware variants shift from banking trojans to ransomware

Twitter moves to squash leak of source code, petitions court to identify leaker

Fraudsters using BEC tactics to target tech vendors, other industries

Dish customers struggle with service disruptions weeks after ransomware attack

Patch released for critical vulnerability in WooCommerce Payments plug-in

New CISA tools support detection of malicious activity in Microsoft Azure

EVENTS

Practical advice for protecting your digital supply chain: A realistic top 5 list

Reducing risk with user access review automation

IAM: Tales from the cutting edge, for the watch-and-learn crowd

Passwordless security: Where things stand, and What’s next?

The Three Steps to Cyber Readiness