Dustin Volz reports: WASHINGTON—President Biden on Wednesday issued a new directive instructing federal agencies to develop voluntary cybersecurity goals for companies that operate U.S. critical infrastructure, a move that came as senior officials said the administration was exploring the possibility of pursuing mandatory standards. Read more on WSJ. Related: Biden Moves to Reinforce Critical Infrastructure…
Feds list the top 30 most exploited vulnerabilities. Many are years old
Dan Goodin reports: Government officials in the US, UK, and Australia are urging public- and private-sector organizations to secure their networks by ensuring firewalls, VPNs, and other network-perimeter devices are patched against the most widespread exploits. In a joint advisory published Wednesday, the US FBI and CISA (Cybersecurity and Infrastructure Security Agency), the Australian Cyber Security Center,…
Understanding the increase in Supply Chain Security Attacks
The European Union Agency for Cybersecurity mapping on emerging supply chain attacks finds 66% of attacks focus on the supplier’s code. Supply chain attacks have been a concern for cybersecurity experts for many years because the chain reaction triggered by one attack on a single supplier can compromise a network of providers. Malware is the attack…
Calgary’s parking authority exposed drivers’ personal data and tickets
Zack Whittaker reports: If you parked your car in one of the thousands of parking spots across Calgary, there’s a good chance you paid the Calgary Parking Authority for the privilege. But soon you might be hearing from the authority after a recent security lapse exposed the personal information of vehicle owners. The exposed server…
Ransomware attack on Grass Valley
The City of Grass Valley has a notice on YubaNet that begins: On June 29, 2021 the City of Grass Valley discovered an unknown source had made unauthorized access to our information systems. The perpetrators of this cyber attack informed the City they had obtained data from City systems and threatened to publish the data…
D-BOX provides update following ransomware incident two weeks ago
MONTREAL, July 28, 2021 (GLOBE NEWSWIRE) — D-BOX Technologies Inc. (“D-BOX” or the “Corporation”) (TSX: DBO), a world leader in haptic and immersive entertainment, announces that the Corporation is gradually resuming its activities following a ransomware cyberattack against its internal IT systems announced on July 14, 2021. All major IT systems have been restored and the…