CISA, FBI Release Guidance for Improving Cybersecurity

CISA, FBI Release Guidance for Improving Cybersecurity

On Dec. 3, the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, and international partners issued guidance on strengthening systems against intrusions by threat actors targeting telecommunications. The guidance was informed by recent breaches affiliated with the Chinese government. The recommendations come weeks after the FBI and CISA identified that China-affiliated threat actors had “compromised networks at multiple telecommunications companies.” Initially, the breaches were believed to target specific individuals in government or political…

Read More

Software Makers Encouraged to Stop Using C/C++ by 2026

Software Makers Encouraged to Stop Using C/C++ by 2026

The federal government is encouraging software manufacturers to ditch C/C++ and take other actions that could “reduce customer risk,” according to the Product Security Best Practices report. In particular, CISA and the FBI set a deadline of Jan. 1, 2026, for compliance with memory safety guidelines. The report covers guidelines and recommendations rather than mandatory rules, particularly for software manufacturers who work on critical infrastructure or national critical functions. The agencies specifically highlighted on-premises software,…

Read More

Law Enforcement Operation Targets Infostealers

Law Enforcement Operation Targets Infostealers

In a sweeping international effort, the U.S. Department of Justice, the Federal Bureau of Investigation, and multiple global law enforcement agencies have exposed “Operation Magnus,” targeting two of the world’s most notorious information-stealing malware networks, RedLine Stealer and META. According to a press release published on Oct. 29, the operation led to the seizure of multiple servers, the unsealing of charges against a RedLine Stealer developer, and the arrest of two suspects in Belgium. RedLine…

Read More

CISA Report Finds Most Open-Source Projects Contain Memory-Unsafe Code

CISA Report Finds Most Open-Source Projects Contain Memory-Unsafe Code

More than half of open-source projects contain code written in a memory-unsafe language, a report from the U.S.’s Cybersecurity and Infrastructure Security Agency has found. Memory-unsafe means the code allows for operations that can corrupt memory, leading to vulnerabilities like buffer overflows, use-after-free and memory leaks. The report’s results, published jointly with the FBI, Australian Signals Directorate’s Australian Cyber Security Centre, and Canadian Cyber Security Center, are based on analysis of 172 critical projects defined…

Read More

Eric Vélez-Villar to deliver afternoon keynote at SECURITY 500 Conference

Eric Vélez-Villar to deliver afternoon keynote at SECURITY 500 Conference

Eric Vélez-Villar to deliver afternoon keynote at SECURITY 500 Conference | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more. …

Read More

Eric Vélez-Villar | Most Influential People in Security 2023

Eric Vélez-Villar | Most Influential People in Security 2023

Eric Vélez-Villar | Most Influential People in Security 2023 | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more. This…

Read More

CISA joins partners to warn of routinely exploited vulnerabilities   

CISA joins partners to warn of routinely exploited vulnerabilities   

CISA joins partners to warn of routinely exploited vulnerabilities    | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more. This…

Read More

Jordan Rae Kelly | Women in Security 2023

Jordan Rae Kelly | Women in Security 2023

Jordan Rae Kelly | Women in Security 2023 | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more. This Website…

Read More

FBI cyber veteran Don Good named Everest CISO

FBI cyber veteran Don Good named Everest CISO

FBI cyber veteran Don Good named Everest CISO | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more. This Website…

Read More

FBI warns of juice jacking at public charge stations

FBI warns of juice jacking at public charge stations

FBI warns of juice jacking at public charge stations | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more. This…

Read More
1 2 3