This week, Health-ISAC®’s Hacking Healthcare® examines evidence that the HIPAA Security Rule effort launched at the end of the Biden administration may be moving ahead under the Trump administration, and that the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) might miss its October deadline by more than a few months. As a reminder, this […] The post Health-ISAC Hacking Healthcare 8-28-2025 appeared first on Health-ISAC - Health Information Sharing and Analysis Center.| Health-ISAC – Health Information Sharing and Analysis Center
Two CIS tenders have opened in Western Australia, seeking 1.6GW of renewable energy generation in the Wholesale Electricity Market (WEM).| PV Tech
This year at BSides Las Vegas, a panel discussing the CVE program and crisis occurred. I watched the panel discussion after the fact, since I did not attend. For full transparency, something MITRE …| Rants of a deranged squirrel.
In its recent Advisory AA25‑203A, the Cybersecurity and Infrastructure Security Agency (CISA) reaffirms a powerful truth: Protective DNS (Domain Name System) remains one of the most effective defenses against ransomware.| Infoblox Blog
Attackers have used two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on government Cisco ASA appliances.| Help Net Security
Microsoft reportedly used China-based engineers to maintain its exploited SharePoint software, raising urgent national security alarms.| WinBuzzer
Article Link: https://www.bleepingcomputer.com/news/security/google-gemini-flaw-hijacks-email-summaries-for-phishing/| Project Hyphae
Actively exploited SLP vulnerability (CVE-2023-29552) poses high-severity threat. CISA recommends swift mitigation measures.| Gridinsoft Blogs
Water and wastewater utilities in New York State will for the first time be required to meet a host of basic cybersecurity requirements.| StateScoop
A recent joint advisory from the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) has highlighted a significant threat to critical infrastructure sectors across the United States: RansomHub ransomware.| MixMode
Brave warns US Senate & Congress: foreign state actors can use targeted ads to run code on US government computers, exploiting conventional browsers| Dr Johnny Ryan FRHistS
CISA reveals new malware variant used on compromised Ivanti Connect Secure devices| Help Net Security
Article Link: https://www.csoonline.com/article/4012801/the-top-red-teamer-in-the-us-is-an-ai-bot.html| Project Hyphae
By Dave Brown, Head of Security and Compliance at Andesite Building software that is secure by design is at the heart of what we at Andesite are passionate about – it’s the core of our mission and what we pursue as a security vendor. That’s why we proudly signed the CISA Secure by Design Pledge. […] The post Our Secure by Design Pledge appeared first on Andesite.| Andesite
Why Layoffs Increase Cybersecurity Risks Article Link: https://www.helpnetsecurity.com/2025/05/26/layoffs-cybersecurity-risks/ The CISO’s Dilemma: Balancing Access, Security, and Operational Continuity Article Link: https://www.forbes.com/councils/forbestechcouncil/2025/05/27/the-cisos-dilemma-balancing-access-security-and-operational-continuity/ Massive Data Breach Exposes 184 million Passwords for Google, Microsoft, Facebook, and More Article Link: https://www.zdnet.com/article/massive-da...| Project Hyphae
Attackers Lace Fake Generative AI Tools With ‘Noodlophile’ Malware Article Link: https://www.darkreading.com/endpoint-security/attackers-fake-generative-ai-tools-malware CISA Reverses Decision on Cybersecurity Advisory Changes Article Link: https://www.infosecurity-magazine.com/news/cisa-reverses-decision-advisory/ FBI Warns That End of Life Devices are Being Actively Targeted by Threat Actors Article Link: https://www.csoonline.com/article/3982368/fbi-warns-that-end-of-life-devices-are-b...| Project Hyphae
Criminal Group Claims Responsibility for Cyberattack on Minnesota Casino Article Link: https://cdcgaming.com/brief/cybersecurity-incident-at-minnesota-tribal-community-casino-prompts-shutdown/ As CISA Downsizes, Where Can Enterprises Get Support? Article Link: https://www.darkreading.com/cybersecurity-operations/roundtable-cisa-downsizes-where-can-enterprises-look-support Oracle Privately Confirms Cloud Breach to Customers Article Link: https://www.bleepingcomputer.com/news/security/oracle-pr...| Project Hyphae
Article Link: https://www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-to-secure-microsoft-365-tenants/amp/Hackers Using New IoT/OT| Project Hyphae
As we approach the end of the year, here are the Top 10 Cybersecurity posts on the Debevoise Data Blog in 2024 by page views. If you are not already a Blog subscriber, click here to sign up. Managing Cybersecurity Risks Arising from AI – New Guidance from the NYDFS (October 20, 2024) As cybersecurity risks continue [...]| Debevoise Data Blog
Debevoise’s Data Strategy and Security group recently assisted four leading trade associations that represent the financial services industry in preparing a joint comment letter in response to the Cybersecurity and Infrastructure Security Agency’s (“CISA”) notice of proposed rulemaking for reporting requirements for critical infrastructure entities that experience covered cybersecurity incidents (the “Proposed Rule”), developed pursuant [...]| Debevoise Data Blog
The most serious flaw in the monthly security update affects the Android system and could be exploited to achieve local escalation of privilege, the company said.| CyberScoop
Just a few days before turning off the lights, the Biden administration dropped a huge cybersecurity executive order including a lot of good stuff, that hopefully [cross your fingers, knock wood, spin around three times and spit] will last into future administrations. We snagged some time with Carole House, outgoing Special Advisor and Acting Senior Director for Cybersecurity and Critical Infrastructure Policy, National Security Council in the Biden-Harris White House, to give us a brain dump...| Security Cryptography Whatever
Yesterday, Matt Hartman, CISA Acting Executive Assistant Director for Cybersecurity, issued a statement on the CVE program. Trying to summarize the last several days and what happened is tricky, but you can read my LinkedIn posts as well as countless news articles and folks talking about. The super tl;dr is that on April 15, a […]| Rants of a deranged squirrel.
The Cybersecurity and Infrastructure Security Agency (CISA) recently issued a joint statement with the Office of the Director of National Intelligence (ODNI) and the Federal Bureau of Investigation (FBI), highlighting the ongoing threat of Russian influence efforts targeting the upcoming elections.| MixMode
CVE-2025-0994: Kritische Schwachstelle in Trimble Cityworks ermöglicht RCE-Angriffe. Jetzt Patch einspielen!| Greenbone
In this article, you will find a list of open source cybersecurity tools that you'll wish you'd known earlier.| Help Net Security
The Cybersecurity and Infrastructure Security Agency launched a new webpage designed to keep the public informed of threats facing elections.| StateScoop
Follow us on Twitter @HackRead| Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
This is the first of two blogs with my thoughts on Known Exploited Vulnerabilities (KEV) tracking and the challenges that come with tracking them. Introduction On November 03, 2021, Cybersecurity a…| Rants of a deranged squirrel.
SolarWinds, election security and protecting federal networks were among the highlights, he said in an interview with CyberScoop.| CyberScoop
Sen. Mark Warner said influence operations are easy and cheap, and their social media audience is more willing to believe them.| CyberScoop
CISA issued an urgent alert regarding the recent CrowdStrike outage, warning that malicious actors are actively exploiting the situation to conduct phishing and other cyberattacks.| SlashNext | Complete Generative AI Security for Email, Mobile, and Browser
A new document from CISA guides local governments and the private sector on how to improve the resiliency of critical infrastructure.| StateScoop
If you follow the May 10, 2024, Black Basta “critical action” recommendations, you will most likely be exposed and potentially exploited by the threat actors. Read through the #StopRansomware: Black Basta AA-24-131A and HS-ISAC Black Basta Threat Actor Emerges as a Major Threat to the Healthcare Industry. Then take a step back and mitigate/remediate the Read More| SENKI
U.S. agencies want to secure the Border Gateway Protocol, but experts question whether their approach could worsen security.| CyberScoop
Die amerikanische Cybersecurity and Infrastructure Security Agency (CISA) hat in einer Notfallanordnung alle Bundesbehörden dazu aufgefordert, Ivanti-Geräte v| B2B Cyber Security