Tag: cybersecurity
-
The ten key reforms that can close America’s cybersecurity gaps
Cybercriminals and foreign adversaries are exploiting gaps in our digital armor. These essential reforms can help American cybersecurity catch up. First seen on cyberscoop.com Jump to article: cyberscoop.com/effective-us-cybersecurity-strategy-key-steps-op-ed/
-
The ten key reforms that can close America’s cybersecurity gaps
Cybercriminals and foreign adversaries are exploiting gaps in our digital armor. These essential reforms can help American cybersecurity catch up. First seen on cyberscoop.com Jump to article: cyberscoop.com/effective-us-cybersecurity-strategy-key-steps-op-ed/
-
Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a security flaw impacting the WinRAR file archiver and compression utility to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, tracked as CVE-2025-6218 (CVSS score: 7.8), is a path traversal bug that could enable code execution. However, for exploitation First…
-
Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a security flaw impacting the WinRAR file archiver and compression utility to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, tracked as CVE-2025-6218 (CVSS score: 7.8), is a path traversal bug that could enable code execution. However, for exploitation First…
-
U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windowsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2025-6218 is a WinRAR directory traversal flaw (formerly…
-
Henkel CISO on the messy truth of monitoring factories built across decades
In this Help Net Security interview, Stefan Braun, CISO at Henkel, discusses how smart manufacturing environments introduce new cybersecurity risks. He explains where single … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/10/stefan-braun-henkel-smart-manufacturing-cybersecurity/
-
The hidden dynamics shaping who produces influential cybersecurity research
Cybersecurity leaders spend much of their time watching how threats and tools change. A new study asks a different question, how has the research community itself changed over … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/10/interesting-cybersecurity-research-trends/
-
Organizations can now buy cyber insurance that covers deepfakes
Cybersecurity insurer Coalition said it will start covering certain incidents where AI and deepfakes lead to reputational harm. First seen on cyberscoop.com Jump to article: cyberscoop.com/url-coalition-cybersecurity-insurance-coverage-deepfakes-reputational-harm/
-
Organizations can now buy cyber insurance that covers deepfakes
Cybersecurity insurer Coalition said it will start covering certain incidents where AI and deepfakes lead to reputational harm. First seen on cyberscoop.com Jump to article: cyberscoop.com/url-coalition-cybersecurity-insurance-coverage-deepfakes-reputational-harm/
-
Rebrand Cybersecurity from “Dr. No” to “Let’s Go”
Tags: cybersecurityWhen it comes to cybersecurity, it often seems the best prevention is to follow a litany of security “do’s” and “don’ts.” A former colleague once recalled that at one organization where he worked, this approach led to such a long list of guidance that the cybersecurity function was playfully referred to as a famous James..…
-
Rebrand Cybersecurity from “Dr. No” to “Let’s Go”
Tags: cybersecurityWhen it comes to cybersecurity, it often seems the best prevention is to follow a litany of security “do’s” and “don’ts.” A former colleague once recalled that at one organization where he worked, this approach led to such a long list of guidance that the cybersecurity function was playfully referred to as a famous James..…
-
Analysts Warn of Cybersecurity Risks in Humanoid Robots
Think Blade Runner, but the robots can be hacked more easily than your home computer. First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/cybersecurity-risks-humanoid-robots
-
Broadside botnet hits TBK DVRs, raising alarms for maritime logistics
Mirai-based Broadside botnet targets vulnerable TBK Vision DVRs, posing a potential threat to the maritime logistics sector, Cydome warns. Cydome researchers have identified a new Mirai botnet variant dubbed Broadside that is targeting the maritime logistics sector by exploiting thecommand injection vulnerabilityCVE-2024-3721 in TBK DVR devices used on vessels. >>Cydome’s Cybersecurity Research Team has identified…
-
New Variant of Mirai Botnet ‘Broadside’ Launches Active Attacks on Users
Cydome’s Cybersecurity Research Team has uncovered a sophisticated new variant of the notorious Mirai botnet, designated as >>Broadside,
-
ENISA: Cyber Talent Shortage Pushes EU Firms Toward Tech and Outsourced Security
The 6th edition of the NIS Investments report highlights a realignment in how organizations across the European Union allocate their cybersecurity investments, with funding steadily shifting from staffing toward technologies and outsourced services. The findings come from ENISA’s annual survey, which examines how EU cybersecurity policy, particularly the NIS2 Directive, translates into practice and influences operational decisions, resources,…
-
UK finally vows to look at 35-year-old Computer Misuse Act
As Portugal gives researchers a pass under cybersecurity law First seen on theregister.com Jump to article: www.theregister.com/2025/12/09/uk_computer_misuse_act/
-
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware.The VS Code extensions masquerade as a premium dark theme and an artificial intelligence (AI)-powered coding assistant, but, in actuality, harbor covert functionality to download additional payloads, take First seen on…
-
Ignoring AI in the threat chain could be a costly mistake, experts warn
Tags: ai, attack, automation, ceo, ciso, cyber, cybersecurity, defense, exploit, government, hacker, skills, sophos, technology, threat, toolHow CISOs could cut through the confusion: The conflicting narratives around AI threats leave many CISOs struggling to reconcile hype with operational reality.Given the emergence of AI-enabled cyber threats amid pushback from some cyber experts who contend these threats are not real, Sophos CEO Joe Levy tells CSO that AI is becoming a “Rorschach test,…
-
Manufacturing fares better against ransomware, with room for improvement
Skilled labor shortages and inadequate protection facilitate attacks More than four in 10 manufacturing companies (43%) cited a lack of expertise as the reason for the cyber incident. Unknown security vulnerabilities were mentioned by 42%, and a lack of protective measures by 41%.Furthermore, the results show that ransomware attacks continue to place a heavy burden…
-
Manufacturing fares better against ransomware, with room for improvement
Skilled labor shortages and inadequate protection facilitate attacks More than four in 10 manufacturing companies (43%) cited a lack of expertise as the reason for the cyber incident. Unknown security vulnerabilities were mentioned by 42%, and a lack of protective measures by 41%.Furthermore, the results show that ransomware attacks continue to place a heavy burden…
-
AI-driven threats are heading straight for the factory floor
In this Help Net Security interview, Natalia Oropeza, Chief Cybersecurity Officer at Siemens, discusses how industrial organizations are adapting to a shift in cyber risk … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/09/natalia-oropeza-siemens-industrial-cyber-capability-shift/
-
AI-driven threats are heading straight for the factory floor
In this Help Net Security interview, Natalia Oropeza, Chief Cybersecurity Officer at Siemens, discusses how industrial organizations are adapting to a shift in cyber risk … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/09/natalia-oropeza-siemens-industrial-cyber-capability-shift/
-
Manufacturing fares better against ransomware, with room for improvement
Skilled labor shortages and inadequate protection facilitate attacks More than four in 10 manufacturing companies (43%) cited a lack of expertise as the reason for the cyber incident. Unknown security vulnerabilities were mentioned by 42%, and a lack of protective measures by 41%.Furthermore, the results show that ransomware attacks continue to place a heavy burden…
-
INE Earns G2 Winter 2026 Badges Across Global Markets
Cary, North Carolina, USA, December 4th, 2025, CyberNewsWire Cybersecurity and IT training platform maintains Leader and Momentum Leader positions while expanding regional excellence INE has been recognized with seven G2 Winter 2026 badges, underscoring its continued leadership in online course delivery, technical skills development, and cybersecurity education. This season’s awards include Leader status in the…
-
Senators Reintroduce Bill to Boost Healthcare Cybersecurity
Plan Calls for Updated HIPAA Regs, Grants, Training, Enhanced Breach Reporting Data. Four U.S. lawmakers – including the chair of the Senate health, education, labor and pensions committee – are taking another stab with a bipartisan bill aimed at strengthening cybersecurity in healthcare. That includes bolstering HIPAA, and providing cyber grants and training to the…
-
Senators Reintroduce Bill to Boost Healthcare Cybersecurity
Plan Calls for Updated HIPAA Regs, Grants, Training, Enhanced Breach Reporting Data. Four U.S. lawmakers – including the chair of the Senate health, education, labor and pensions committee – are taking another stab with a bipartisan bill aimed at strengthening cybersecurity in healthcare. That includes bolstering HIPAA, and providing cyber grants and training to the…
-
Senators Reintroduce Bill to Boost Healthcare Cybersecurity
Plan Calls for Updated HIPAA Regs, Grants, Training, Enhanced Breach Reporting Data. Four U.S. lawmakers – including the chair of the Senate health, education, labor and pensions committee – are taking another stab with a bipartisan bill aimed at strengthening cybersecurity in healthcare. That includes bolstering HIPAA, and providing cyber grants and training to the…
-
How AI-Enabled Adversaries Are Breaking the Threat Intel Playbook
The cybersecurity landscape is undergoing another seismic shift, one driven not just by AI-enabled attackers but by a structural imbalance in how defenders and adversaries innovate. John Watters traces the evolution of modern cyber intelligence from its earliest days to the new era of AI-accelerated attacks, showing how past lessons are repeating themselves at.. First…