The cyber standards for defense contractors are more rigorous, but a new report indicates that those wheels are not fully in motion. The survey found common failure to comply with CMMC requirements.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
The EU Cybersecurity Commission will create a Joint Cyber Response Unit to coordinate response to security incidents, share information, forewarn members and increase resiliency.
The day is fast approaching when Google drops support for third party cookies on Chrome. Will these changes to the way users are tracked finally bring about the end of ad fraud?
DreamHost database leak exposed nearly 815 million records of customer data from the WordPress hosting platform. User account and configuration information was exposed.
Another social media platform API has been abused for data scraping. A listing offering 700 million LinkedIn profiles has appeared on an underground hacking forum.
North Korea hackers breached South Korea’s Atomic Energy Research Institute using a VPN vulnerability. IssueMakersLab traced one IP address to state-backed Kimsuky.
Everyone understands the logic behind picking longer, more complicated passwords that are harder for bad actors to figure out and therefore better to protect sensitive and valuable information. But consumers’ bad password habits are still very much prevalent.
New report from Apple serves as an invective against the practice of sideloading apps to get around the App Store rules. Apple characterizes any sideloaded app as a "serious security risk.”
The critical infrastructure and healthcare industries are key targets for cyberattacks because of their extensive use of cyber-physical systems. Here are best practices for cyber-physical security.
A strong identity management strategy involves monitoring user behavior and activity, verifying user identity with strong authentication solutions and cybersecurity education and awareness.









