Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

A new Sophos firewall zero-day vulnerability tracked as ​​CVE-2022-3236 has been exploited in attacks aimed at organizations in South Asia. [Read More]
CISA and the FBI have provided information on the cyberattacks that Iranian APTs conducted against the Albanian government in July. [Read More]
Russian cyberespionage group UAC-0113 is using dynamic DNS domains masquerading as telecoms providers in ongoing attacks targeting entities in Ukraine. [Read More]
CrowdStrike is elbowing its way into new security markets with a planned acquisition of attack surface management startup Reposify and a strategic investment in API security vendor Salt Security. [Read More]
US government contractors targeted in phishing campaigns claiming to invite them to bid for projects at various government departments. [Read More]
Ride sharing giant Uber is downplaying the impact from a devastating security breach that included the theft of employee credentials, access to the HackerOne bug bounty dashboard and data from an internal invoicing tool. [Read More]
The non-profit foundation is building a team to proactively identify and address security defects in the popular Rust programming language. [Read More]
Government agencies in the US, UK, Canada, and Australia say APTs associated with Iran’s IRGC have been engaging in data encryption and extortion operations. [Read More]
The Silicon Valley company has raised a total of $135 million since its launch in 2016 as a provider of data encryption technology using Intel SGX. [Read More]
The US Department of Justice announced an indictment Wednesday against three Iranian hackers who used ransomware to extort a battered women's shelter and a power company. [Read More]

FEATURES, INSIGHTS // Cyberwarfare

rss icon

Galina Antova's picture
There are seven immediate steps you can take to put your organization on the path toward better situational awareness and risk reduction to protect critical infrastructure.
Landon Winkelvoss's picture
In the event of Russian cyberwarfare, reviewing the industries, styles, and objectives of their attacks can help organizations to prepare and implement more robust defenses.
Idan Aharoni's picture
Plausible deniability provides a massive operational leeway to military operations in cyberspace, enabling governments to take actions without risking an all-out war.
Gunter Ollmann's picture
While global corporations have been targeted by Iran-linked threat actors, the escalating tensions in recent weeks will inevitably bring more repercussions as tools and tactics change with new strategic goals.
Justin Fier's picture
Against the ongoing backdrop of cyber conflict between nation states and escalating warnings from the Department of Homeland Security, critical infrastructure is becoming a central target for threat actors.
Galina Antova's picture
We must recognize industrial cyberattacks as tactics in a new form of “economic warfare” being waged between nation-states to gain economic and political advantage without having to pay the price of open combat.
Oliver Rochford's picture
The lifting of certain sanctions may provide an alternative incentive to limit certain types of cyberwar activity.
Josh Lefkowitz's picture
It’s critical to recognize that there will always be virtual ways in which terrorists and other criminals can create threats that no border process or physical security program can stop.
Ryan Naraine's picture
Thomas Rid, Professor in the Department of War Studies at King’s College London, joins the podcast to discuss the lack of nuance in the crypto debate and the future of global cyber conflict.
James McFarlin's picture
If there were any lingering doubts that cybersecurity is a geopolitical issue with global implications, such opinions were cast on the rocks by discussions this past week at the 2015 World Economic Forum in Davos, Switzerland.