Aqua Security released the results of its 2021 Cloud Native Security Survey revealing the knowledge gap around runtime security and the associated risks. The study found that only 3% of respondents recognize that a container, in and of itself, is not a security boundary, indicating that the default security capabilities of containers are overestimated. T
Leaders of the Senate Intelligence Committee and other bipartisan lawmakers have formally introduced legislation requiring federal contractors and critical infrastructure groups to report attempted breaches following moLeaders of the Senate Intelligence Committee and other bipartisan lawmakers have formally introduced legislation requiring federal contractors and critical infrastructure groups to report attempted breaches following months of escalating cyberattacks.
nths of escalating cyberattacks.
MITRE Engenuity released results from its first round of independent MITRE Engenuity ATT&CK Evaluations for Industrial Control Systems (ICS). The evaluations examined how cybersecurity products from five ICS vendors detected the threat of Russian-linked Triton malware.
The United States, the European Union, NATO and other world powers on Monday accused the Chinese government of an array of malicious cybersecurity incidents, blaming its Ministry of State Security (MSS) and hackers for the security attack on Microsoft's email server disclosed in early March 2021.
The ransomware gang behind the highly publicized attack on CD Projekt Red uses a Linux variant that targets VMware's ESXi virtual machine platform for maximum damage, BleepingComputer reports.
A recent study from Security Compass found just 25% of organizations surveyed conduct threat modeling during the early phases of software development—requirements gathering and design—before proceeding with application development.
The number of cyberattacks increased by 17% compared to Q1 2020, and compared to Q4 2020, the increase was 1.2%, with 77% being targeted attacks, according to a new Positive Technologies Cybersecurity Threatscape Q1 2021 report. Incidents involving individuals accounted for 12% of the total.
Google’s Threat Analysis Group (TAG) has discovered four in-the-wild 0-day campaigns targeting four separate vulnerabilities this year, all which can be particularly dangerous when exploited and have a high rate of success.
While this is a step in the right direction, there are some confusion, speculation and rumors related to CMMC accreditation. The following are three common misconceptions around CMMC certification, with clarification to help organizations requiring CMMC certification to stay well-informed on the necessary guidelines and procedures.
