Cybersecurity

Phishing Attacks Surge Despite Increased Awareness, New Strategies Needed

The alarming rise of phishing attacks has been underscored by a recent study "Phishing Landscape 2023: An Annual Study of the Scope and Distribution of Phishing conducted" by the Interisle Consulting Group, revealing a tripling of such attacks since May 2020. Despite efforts by companies and policymakers to combat this cybercrime, the data suggests that the prevailing strategies are ineffective and worsening each year. more

The Rising Cost of Digital Theft and Espionage in Germany

The German digital association, Bitkom, recently announced that the cost of IT equipment theft, data breaches, digital and industrial espionage, and sabotage is expected to reach a staggering 206 billion euros ($224 billion) in 2023.  more

Hospitals Advised to Prepare for a Month of Downtime Following Cyberattacks

The Joint Commission, a healthcare accreditation agency, has advised hospitals and health systems to brace for at least a month of downtime following a cyberattack, according to The Wall Street Journal. This recommendation is part of new guidelines released by the agency for handling IT security events. more

EU CRA: Regulatory Extremism and Exceptionalism

European Union (EU) legislators, like most of the world, are troubled about the increasing number and severity of cybersecurity incidents. However, unlike most of the world, which is taking a flexible, adaptive Zero Trust Model approach of continuous controls for cyberdefense, the EU government is pursuing a vastly expanded version of the failed Common Criteria certification model coupled with regulatory extremism and exceptionalism strategies. more

The Standards Myth That Does Not Stop

The latest iteration of the most expansive, omnipotential cybersecurity legal regime ever drafted appeared a few days ago. The European Union (EU) Cyber Resilience Act (CRA) is attempting to assert jurisdiction and control over all "products with digital elements" defined as "any software or hardware product and its remote data processing solutions, including software or hardware components to be placed on the market." more

Cybersecurity for Schools

FCC Chairwoman Jessica Rosenworcel recently asked the other FCC Commissioners to support a proposal to spend $200 million over three years to bolster school cybersecurity. Rosenworcel plans to issue a Notice for Proposed Rulemaking (NRPM) soon for her proposal. The NPRM will set off a round of public comments and then a ruling if a majority of the Commissioners agree with the final set of rule changes. more

Verisign Will Help Strengthen Security With DNSSEC Algorithm Update

As part of Verisign's ongoing effort to make global internet infrastructure more secure, stable, and resilient, we will soon make an important technology update to how we protect the top-level domains (TLDs) we operate. The vast majority of internet users won't notice any difference, but the update will support enhanced security for several Verisign-operated TLDs and pave the way for broader adoption and the next era of Domain Name System (DNS) security measures. more

Belarus-Linked Hackers Target Diplomats, Likely With State Support

Foreign diplomats based in Belarus have been under the digital crosshairs of hackers with suspected ties to the Belarusian government for nearly a decade, security researchers revealed on Thursday. more

U.S. Schools Targeted in Ransomware Attacks: White House Responds

In response to increasing ransomware attacks targeting U.S. educational institutions, the White House convened an inaugural cybersecurity summit this Tuesday. The malicious cyber onslaughts have led to the online leakage of confidential student data, ranging from medical files to reports on sexual assaults. more

British Researchers Discover AI-Powered Technique That Can Extract Data Through Typing Sounds

A new study conducted by British researchers has unveiled a potentially concerning form of cyber threat where hackers can extract personal data just by listening to someone type. more

Widespread Cyberattack Paralyzes US Hospital Systems, Interrupting Critical Healthcare Services

US hospitals have been severely affected by a substantial cyberattack, leading to the closure of emergency rooms in multiple states and the redirection of ambulances.  more

Have You Reviewed Your Domain Lock Portfolio?

Domain names give your intellectual property visibility, as well as provide function for your company's infrastructure. Vital domain names are simply too important to be left exposed. To protect them, you can add extra layers of security to your digital brand with easy, secure, server-level protection in addition to multi-level locks that combat domain name system (DNS) hijacking and protect against unauthorized changes and deletions to your critical domain names. more

SEC Now Giving Companies a 4-Day Deadline to Reveal Cyberattacks

The U.S. Securities and Exchange Commission (SEC) has introduced new regulations requiring companies to disclose substantial cybersecurity incidents. These rules also mandate yearly disclosure of key information regarding cybersecurity risk management, strategy, and governance. The mandate applies to foreign private issuers as well. more

China’s Top Diplomat Calls for Global Cyberspace Fairness, Urges Resistance to Technological Dominance

In a call for "fairness and justice" in cyberspace, China's top diplomat, Wang Yi, has encouraged emerging economies to collectively resist any attempts at dominance in science, technology, or the internet. more

Google Limits Some Employees’ Access to the Internet

Google has launched a pilot program to bolster its cybersecurity defenses by limiting internet access for some employees. Initially, Google selected 2,500 participants, but after receiving feedback, it modified the program to allow employees to opt out and invite volunteers to join. more