The CISA 2026 budget cuts would be accompanied by a reduction of 1,083 CISA positions, a cut of almost a third of its present count of 3,292 employees. The Cyber Defense Education and Training program would also be gutted, with the budget proposal suggesting that it could be replaced by free resources.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Google warns Salesforce customers about vishing attacks by hackers impersonating IT support to lure employees into connecting a rogue app, exfiltrate data, and demand ransom.
Google says it will start distrusting digital certificates issued by two certificate authorities due to, Chunghwa Telecom and Netlock, compliance issues and failure to address public incidents.
Victoria’s Secret suffered a security incident that forced the lingerie giant to shut down impacted IT systems to prevent the attack from spreading and safeguard data.
The evolution of software-defined vehicles (SDVs) has led to exciting innovation in the automotive industry, but it has also brought challenges surrounding vehicle safety and security. Unlike traditional vehicles, which relied on mechanical systems with limited software, SDVs are “software on wheels.”
Data broker LexisNexis has disclosed a significant data breach that exposed the personal information of over 346,000 people after a threat actor compromised its GitHub account.
In a high-stakes chess match, the grandmaster doesn’t win by brute force; they win by observing, anticipating, and exploiting small weaknesses in their opponent’s position. Every move is part of a strategy. This is exactly how cybercriminals operate today.
Philippines-based Funnull Technology, along with one of its administrators, has been hit with OFAC sanctions for its role as a knowing infrastructure provider for hundreds of thousands of malicious sites engaging in cyber scams.
Researchers found a security flaw in OneDrive File Picker that grants apps access to any and all files in the account when the user grants permission for just one file upload, with the language governing this process cited as too "vague" and "unclear" to communicate what is actually happening.
German sportswear giant Adidas has confirmed that a third-party breach compromised customer data amid ongoing cybersecurity incidents rocking the company in other countries.