The Cybersecurity and Infrastructure Security Agency (CISA) has released its five-year industrial control systems (ICS) strategy: Securing Industrial Control Systems: A Unified Initiative.

Qualys, Inc., a provider of disruptive cloud-based IT, security and compliance solutions, announced the appointment of Ben Carr as Chief Information Security Officer (CISO).

A new study from Digital Shadows finds there are more than 15 billion credentials in circulation in cybercriminal marketplaces, many on the dark web – the equivalent of more than two for every person on the planet. The number of stolen and exposed credentials has risen 300 percent from 2018 as the result of more than 100,000 separate breaches.

North Korean state sponsored hackers are implicated in the interception of online payments from American and European shoppers, Sansec research shows.

The National Security Agency (NSA) has issued a new cybersecurity advisory warning that virtual private networks (VPNs) could be vulnerable to attacks if not properly secured.

U.S. Attorney Bryan Schroder announced that a Washington man has been sentenced to federal prison for his role in a long-running scheme in which he and his criminal associates developed distributed denial-of-service (DDoS) botnets. 

The Cybersecurity and Infrastructure Security Agency (CISA) released its Cyber Essentials Toolkit, Chapter 2: Your Staff, The Users. This toolkit is the second in a series of six toolkits set to be released each month.

To help meet the need for specialized engineers who can design and defend secure systems, Duke University is launching a new Cybersecurity Master of Engineering degree program.

The nature of IIoT devices and infrastructure makes them high-value cyber targets. This is because they are relatively easy to compromise and are often connected to internal networks with high-value content with links to other networks. Moreover, IIoT devices rarely have direct user interaction, and this unattended nature means that many types of device compromise are likely to go unnoticed and undetected – particularly when the malware does not disrupt the device’s primary functionality. Here are a dozen reasons why intelligent IIoT devices are attractive targets for hackers.