The International Criminal Court said crooks breached its IT systems last week, and that attack isn't over yet, with the ICC saying the "cybersecurity incident" is still ongoing. In a statement shared via the site formerly known as Twitter, the Hague war crimes tribunal said it detected "anomalous activity" at the end of last week, and immediately took action "to respond to this cybersecurity incident and mitigate its impact." READ MORE...
The FBI and the cybersecurity agency CISA on Wednesday published an advisory warning critical infrastructure organizations of ongoing Snatch ransomware attacks. Active since 2018, Snatch is offered under the ransomware-as-a-service (RaaS) model, and has been targeting organizations in the United States since 2019. Since November 2021, the group has been operating a leaks site, where it threatens to publish stolen data unless a ransom is paid. READ MORE...
50% of companies lack a dedicated security function for control systems and devices within their organizational structure, according to Cybellum. Security incidents involving industrial organizations have seen a sharp rise in recent years, with notable cases highlighting the vulnerabilities in our interconnected world. IT-OT convergence, as well as the trend towards remote maintenance, amplify potential risks even further. READ MORE...
In this Help Net Security interview, Baya Lonqueux, CEO at Reciproc-IT, discusses the evolving cybersecurity landscape and the essential skillsets needed for teams working in this field. The interview highlights the shift from technical expertise to a focus on organizational and governance skills for managing business cybersecurity risks. Lonqueux also addresses the proactive measures required to mitigate cybersecurity risks. READ MORE...
The Biden administration is looking to simplify the dizzying reporting requirements faced by critical infrastructure entities. he Department of Homeland Security delivered a 100-page report on Tuesday with recommendations on how to revamp the thicket of cyber incident reporting requirements faced by U.S. critical infrastructure operators. Tuesday's report found that critical infrastructure entities face a dizzying 45 active reporting requirements from 22 different federal agencies and and an additional five under consideration. READ MORE...
An automotive cybersecurity study shows that critical-risk vulnerabilities have decreased in the past decade. Research-focused security services provider IOActive has conducted an analysis of car vulnerability trends over the past decade and determined that the automotive industry has been placing increasing importance on cybersecurity. The new IOActive automotive cybersecurity study (PDF) looks at vulnerabilities discovered over the last 10 years, with a focus on trends between 2016, 2018 and 2022. READ MORE...