Management & Strategy Archives - Page 10 of 17

House Passes Several Critical Infrastructure Cybersecurity Bills

Issued by: Security Week

One of the bills focusing on critical infrastructure is the Cybersecurity Vulnerability Remediation Act, which aims to authorize the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) to assist owners and operators of critical infrastructure with mitigation strategies against serious vulnerabilities. The bill covers vulnerabilities in IT and OT systems, as well as security holes in…

Network Security

CISA Releases Analysis of 2020 Risk and Vulnerability Assessments

Issued by: Security Week

Designed to assess the effectiveness of Federal Civilian Executive Branch (FCEB), Critical Infrastructure (CI), and State, Local, Tribal, and Territorial (SLTT) stakeholders in identifying and resolving network vulnerabilities, the RVAs revealed that phishing links were the most successful technique for initial access. CISA conducted a total of 37 RVAs, leveraging the MITRE ATT&CK framework to…

Cloud Security, Network Security

Cybersecurity M&A Roundup: 14 Deals Announced July 1-8, 2021

Issued by: Security Week

A total of 14 cybersecurity-related acquisitions were announced between July 1 and July 8, 2021. Barracuda Networks acquires SKOUT Cybersecurity Application, cloud, email, data and network security solutions provider Barracuda Networks is acquiring SKOUT Cybersecurity, a company that provides cyber-as-a-service software for MSPs, as well as XDR solutions. The deal enables Barracuda to expand its…

Network Security

IoT/OT Device Security Firm NanoLock Raises $11 Million

Issued by: Security Week

The funding, which brings the total raised by the firm to $21 million, came from OurCrowd, HIVE2040 (by Avnon Group), Atlantica Group, and AWZ Ventures. The money will be used by the company to expand and improve its solutions. NanoLock Security has also announced expanding its executive team and the acquisition of two new patents….

Vulnerabilities

Continuous Updates: Everything You Need to Know About the Kaseya Ransomware Attack

Issued by: Security Week

The attack appears to impact tens of Kaseya customers and hundreds of downstream businesses. The cybercrime group that launched the attack used the ransomware to encrypt files on compromised systems and they are hoping to earn tens of millions of dollars as a result. SecurityWeek is covering all the new information that emerges and here…

Network Security

Director of Cybersecurity at NSA Gets Dedicated Twitter Account

Issued by: Security Week

The account, @NSA_CSDirector, is currently being used by Joyce, but it will likely be passed on to future NSA cybersecurity directors, similar to the @POTUS Twitter account used by the president of the United States. Joyce has promised to share “insights and information about what we are up to.” His first tweet after announcing the…

Application Security

Noname Security Raises $60 Million in Series B Funding

Issued by: Security Week

Founded in 2020, the Silicon Valley-based enterprise API security startup aims to help organizations secure both managed and unmanaged APIs. The startup says it has seen fast growth since emerging from stealth in December 2020. Over the past six months, the company has attracted 40 channel, reseller, and technology partners, while also adding hundreds of…

Network Security

UN Security Council Confronts Growing Threat of Cyber Attacks

Issued by: Security Week

At their summit earlier this month in Geneva, the US president set out red lines for Russia, which is often accused of being behind major hacks. In this case, he laid out 16 “untouchable” entities, ranging from the energy sector to water distribution. “This is the generic list of critical infrastructure which every country has,”…

Application Security

GitHub Paid Out Over $1.5 Million via Bug Bounty Program Since 2016

Issued by: Security Week

According to the company, in 2020, it paid out over half a million dollars for more than 200 vulnerabilities affecting its products and services. The amount is roughly the same as in the previous year. GitHub said it received more than 1,000 submissions through its public and private bug bounty programs, and claimed that its…

Network Security

Cybersecurity Companies Join Forces Against Controversial DMCA Section

Issued by: Security Week

The DMCA is a copyright law that was passed in 1998. It prohibits the production and dissemination of technology, devices, or services designed to circumvent measures that control access to copyrighted works. One section of the DMCA, section 1201, has posed some problems for the cybersecurity community. According to the U.S. Copyright Office, “section 1201…