Cybersecurity News, Awards, Webinars, eSummits, Research

The U.S. Small Business Administration website page. (Adobe Stock Images)

Senators want a special government unit to help small businesses with cyberattacks

Derek B. JohnsonSeptember 8, 2023

A quartet of senators introduced The Small Business Cyber Resiliency Act that would establish a new Central Small Business Cybersecurity Unit within the Small Business Administration.

Threat Intelligence: Eyes on the enemy

PODCASTS

RESOURCES

FEATURED

2023 SC Award winners announced: Celebrating excellence in cybersecurity

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Malware

Apple issues 2 CVEs to patch zero-day flaws used to deliver Pegasus spyware

Steve ZurierSeptember 8, 2023

Apple quickly moves to patch the zero-day flaws following report by Citzen Lab. Apple device users are urged to run update.

Opened aircraft engine in the hangar, illuminated by bright sunlight from outside the gate

Vulnerability Management

APTs hit aeronautic firms with Zoho and Fortinet bugs

Simon HenderySeptember 8, 2023

The unnamed organization faced attacks from multiple nation-state APT groups over a period of a few weeks.

Malware

Attackers leverage Windows Advanced Installer to drop cryptocurrency malware

Steve ZurierSeptember 7, 2023

Attackers potentially based in France, Luxembourg and Germany are targeting industries that use 3D modeling and graphics to generate cryptocurrency.

Breach

Multiple Microsoft failings led to Chinese hackers stealing cryptographic key

Simon HenderySeptember 7, 2023

The compromise of a Microsoft engineer’s account was just one of several factors that allowed threat group Storm-0558 to steal a cryptographic signing key and access U.S. government accounts.

hacker in mask on dark background with digital effects

AI benefits/risks

AI abuse grows beyond phishing to multistage cyberattacks

Stephen WeigandSeptember 7, 2023

Data shows cybercriminals are adopting AI for more attacks attempting to abuse trust and deliver multistage payloads.

On Sept. 15, 2021, then-German Chancellor Angela Merkel, left, and Bavaria State Premier Markus Soeder, center, visit the Max Planck Institute of Quantum Optics in Garching, Germany, where institute manager Immanuel Bloch explains how a quantum computer works. (Photo by Guido Bergmann/Bundesregierung via Getty Images)

Supply chain

Feds seek industry guidance on protecting, fostering critical technologies

Derek B. JohnsonSeptember 6, 2023

The strategy is designed to focus federal resources towards better investment in a range of emerging technologies while also building an environment for innovation and a stable of qualified domestic workers for businesses and governments to tap.

Email security

Over 56,000 corporate Microsoft 365 accounts targeted by W3LL threat group

Steve ZurierSeptember 6, 2023

Group-IB researchers uncover an underground market that leverage phishing kits to bypass MFA and launch BEC attacks in the United States, Australia, and Europe.

Warning notification is displayed on a laptop running Windows 7 operating system in Poland, on 25 February, 2020. After 10 years, support for Windows 7 ended on January 14, 2020. Microsoft will no longer provide software updates and support, including security updates. (Photo by Beata Zawrzel/NurPhoto via Getty Images)

ICS/SCADA

LockBit breaches fence company’s weakest link: a Windows 7 PC

Simon HenderySeptember 6, 2023

Data theft from a UK military security fencing provider is a stark reminder the manufacturing sector is rife with aging, unsupported and vulnerable systems that can endanger the entire supply chain.

Senators want a special government unit to help small businesses with cyberattacks

Threat Intelligence: Eyes on the enemy

PODCASTS

RESOURCES

FEATURED

2023 SC Award winners announced: Celebrating excellence in cybersecurity

Get daily email updates

Perspectives

From risk visibility and analysis to a focus on risk reduction

How to improve the identity security of contract workers

Three ways companies can reduce software security flaws

Why companies have to face that they will experience a supply chain attack

Let’s put an end to data leaks

In Brief

North Korea ramps up intelligence-gathering cyberattacks

CISA adds critical Apache RocketMQ flaw in KEV catalog

Updated Atomic Stealer spread in new Mac malvertising campaign

Data breach disclosed by Traderie

Web skimmer attack against See Tickets impacts over 300K

More Resources

Report: Schools and governments slammed by ransomware attacks, but root causes vary by industry

Report: Ransomware payouts and recovery costs went way up in 2023

Endpoint protection best practices to fight ransomware

Key questions to ask when evaluating a network-security vendor

10 steps to choose and deploy a network-security solution

Apple issues 2 CVEs to patch zero-day flaws used to deliver Pegasus spyware

APTs hit aeronautic firms with Zoho and Fortinet bugs

Attackers leverage Windows Advanced Installer to drop cryptocurrency malware

Multiple Microsoft failings led to Chinese hackers stealing cryptographic key

AI abuse grows beyond phishing to multistage cyberattacks

Feds seek industry guidance on protecting, fostering critical technologies

Over 56,000 corporate Microsoft 365 accounts targeted by W3LL threat group

LockBit breaches fence company’s weakest link: a Windows 7 PC

EVENTS

The endpoint end game: Locking down your entry points

Secure and efficient app development? How Snyk makes both possible

Investing in IAM: Seize the moment

The Path to Autonomous Identity Security | How to automate manual identity tasks for a more secure & efficient organization

Incident Response: Lessons from the front lines of Fortune 500 cyber attacks