The attack highlights risks around holiday weekend attacks, targeted software supply chains and the growing popularity of data-theft-based extortion. Still, zero-day exploits comprise only a small slice of extortion attacks.
What could have been a digital quagmire for California’s largest school district served as a chance to hone cyber response and gird its more than 250 applications used by some 1.6 million users.
The state auditor’s office’s new program offers local governments quick assessments of their cyber postures, plus advice for improving. This can help governments get ready while on the waitlist for the state’s more in-depth cyber audits.
A nation-state sponsored actor is using living-off-the-land techniques to hide its activity and spy on U.S. targets, and possibly plan communication disruptions, Microsoft said. CISA and Microsoft released details to help potential victims identify and mitigate the threat.
John Petrozzelli takes over after Stephanie Helm stepped down from the director position in January. He brings cybersecurity experience from his time in the Air Force, FBI and private sector.
The challenges of defending water infrastructure are numerous. Many of the systems in California – and nationwide – are still operating with outdated software, poor passwords and other weaknesses that could leave them at risk.
Dallas officials are working to restore services after the city was hit with a ransomware attack earlier this week. The attack affected multiple systems, including police, courts and 311 as well as multiple city websites.
Passwords are both annoying to use and vulnerable to hackers. Fortunately, big tech is moving to support stronger, easier-to-use passkeys.
Attorney General Chris Carr has announced that the Prosecution Division will be participating in a nationwide investigation into suspected users of Genesis Market, a marketplace known to traffic in the stolen credentials.
The ransomware group that claims to have stolen data from the Modesto Police Department's IT network has started making the information available on its website, a threat analyst reported Wednesday on Twitter.
