FERC Outlines Supply Chain Security Rules for Power Plants

September 30, 2024 at 06:32PM Recent attacks on SolarWinds and MOVEit have brought attention to cybersecurity supply chain risks. In response to incidents at utilities, the US Federal Energy Regulatory Commission asked industry consortium NERC to develop a stronger supply chain security standard for power plants. FERC also addressed the need for internal network security …

MITRE: US Government Needs to Focus on Critical Infrastructure

June 17, 2024 at 08:45AM MITRE’s memo “Don’t Trust but Verify” outlines key priorities for the next US presidential administration in cyberspace. It emphasizes protecting critical infrastructure, implementing zero trust and SBOMs, preparing for quantum computing, and clarifying cybersecurity leadership roles. MITRE calls for specific actions and timelines to address these critical cyber defense areas. …

Uncle Sam urges action after Black Basta ransomware infects Ascension

May 13, 2024 at 02:37PM Several US security agencies have issued advisories on the Black Basta ransomware gang, responsible for a recent attack on US healthcare provider Ascension. The group has targeted organizations across critical infrastructure sectors, including healthcare. Affected organizations are urged to apply recommended mitigations and report incidents to law enforcement. Ascension is …

Five Eyes tell critical infra orgs: take these actions now to protect against China’s Volt Typhoon

March 20, 2024 at 06:21AM The US government and international partners issued another warning about China’s Volt Typhoon cyber gang targeting critical infrastructure, advising protection measures. They emphasized guidance for non-technical senior leaders, urged cybersecurity best practices, and highlighted the importance of incident response plans and securing the supply chain. The advisory reiterated the gang’s …

The US Needs To Follow Germany’s Attack-Detection Mandate

December 1, 2023 at 10:07AM The U.S. is facing increasing cyber threats and needs a comprehensive cybersecurity approach like Germany’s IT-SiG 2.0, emphasizing real-time detection, visibility into vulnerabilities, and proactive strategies. With the Biden administration’s National Cybersecurity Strategy and CISA’s Strategic Plan aiming for similar goals, the U.S. is taking steps towards improving its cyber …