Rethinking Cyber-Physical Systems Security in the Age of Industry 4.0
As manufacturing advances into the Industry 4.0 era, the integration of Information Technology (IT) and Operational Technology (OT) necessitates a…
Publishers Spotlight: ForAllSecure
I was thrilled to catch up with ForAllSecure during Black Hat USA 2024. ForAllSecure is an organization of hackers, developers,…
Healthcare Providers Must Plan for Ransomware Attacks on Third-Party Suppliers
The American Hospital Association and Health-ISAC issued a joint threat bulletin warning healthcare IT providers that their ransomware plans need…
Point of entry: Why hackers target stolen credentials for initial access
Stolen credentials are a big problem, commonly used to breach networks in attacks. Learn more from Specops Software about checking…
North Korean hackers exploit VPN update flaw to install malware
South Korea's National Cyber Security Center (NCSC) warns that state-backed DPRK hackers hijacked flaws in a VPN's software update to…
Hackers breach ISP to poison software updates with malware
A Chinese hacking group tracked as StormBamboo has compromised an undisclosed internet service provider (ISP) to poison automatic software updates with malware.…
It Is Time for Smart Cyber Requirements for the Water Sector
Since 2021, the Biden Administration has been consistently talking about the limitations of a purely voluntary approach to cybersecurity for…
China’s APT41 Targets Taiwan Research Institute for Cyber Espionage
The state-sponsored Chinese threat actor gained access to three systems and stole at least some research data around computing and…
Cyberattackers Accessed HealthEquity Customer Info via Third Party
Data thieves heisted the HSA provider's data repository for 4.5 million people's HR information, including employer and dependents intel.
The Other Lesson from the XZ Utils Supply-Chain Attack
“The best supply chain attack execution ever seen” might sound like yet another hyperbole designed to attract attention, except in…