X-Industry

The Biden administration recently announced a new cyber initiative to label smart devices considered safe and less vulnerable to attacks.  As part of the new cybersecurity labeling program, a new ‘US Cyber Trust Mark’ shield logo will be applied to products that meet specific cybersecurity criteria. 

Proposed by Federal Communications Commission (FCC) Chairwoman Jessica Rosenworcel, the program aims to improve the cybersecurity of smart devices, including smart consumer products and electronics,

The notorious carding marketplace BidenCash recently released information on more than 2.1 million credit and debit cards.  The criminal site uses the president’s name and photo to trade in stolen data.  Carding marketplaces, also referred to as card shops, are cybercrime websites that facilitate the trading and unauthorized use of stolen payment card details.  The site active for less than a year, BidenCash has quickly become one of the top carding marketplaces, making a name for itself by rele

Finland’s parliament website was temporarily shut down on Tuesday, 9 August, following a cyber-attack that coincided with the US’s move to admit the Nordic country to the North Atlantic Treaty Organization (NATO).  The Finnish parliament said in a statement on Twitter that a denial-of-service attack hit the parliament’s external websites at around 2:30 pm local time.  “The Parliament takes steps to limit the attack together with service providers and the Cybersecurity Center,” the statement said

Has the notorious REvil, aka Sodinokibi, ransomware operation come back? Researchers suspect former developers may have restarted the server and data leak site. On 20 April 2022, the original Happy Blog leak site began redirecting to the new blog, which lists both old and seemingly new victims, including Oil India Limited.  Cybersecurity researchers on Twitter attributed a recent ransomware attack at Oil India Limited to either REvil or imposters using the gang's name.

In early April 2022, at th

The US head of the US National Security Agency (NSA), Cyber Command says the US will continue to battle ransomware for many years into the future. Some of the highest-ranking cybersecurity officials in the US government discussed the pervasive threat of ransomware on 05 October 2021, comparing it to an issue of national security with the ability to inflict measurable damage on major world powers.

Speaking at security firm Mandiant's Cyber Defense Summit, the deputy national security adviser for

The US Department of Commerce is currently requesting public input on a previous administration cybersecurity executive order that requires cloud providers to verify the identities of certain users.  The goal of the executive order is to identify malicious cyber actors operating abroad and leveraging US technologies. 

Executive Order (EO) 13984 was signed on 19 January 2021 by President Trump, along with other mandates focused on national security.  While incumbent President Joe Biden has revers

The current US administration unveiled a new package of supply chain and critical infrastructure security initiatives on 25 August 2021.  This following a meeting at the White House with about 25 tech, banking, insurance, and infrastructure executives.   Little did the group know that an inexpensive solution has been available for 3 years:  Wapack Labs LLC - Introduces RedXray: Wapack Labs

The initiatives feature a pledge by several companies, including tech giants Microsoft, Google and IBM and

New guidance from the National Institute of Standards and Technology spells out security measures for "critical software" used by federal agencies and minimum standards for testing its source code.  The best practices could be a model for the private sector as well.  NIST's release of best practices carries out a mandate in President Joe Biden's May executive order on cybersecurity, which, in part, called for agencies to address supply chain threats, such as that posed by the SolarWinds incident

The current US administration has a message for Russia: Rein in the criminal hackers operating from inside your borders who hit Western targets, or we will do it for you.  The White House says that is the imperative being stressed in ongoing talks between high-level officials in the US and Russian national security teams following the mid-June summit in Geneva between the US President and the Russian President. 

Experts say disrupting ransomware will take more than diplomacy, and needed cybersec

The Department of Homeland Security has issued a cybersecurity directive that requires the operators of oil and gas pipelines to report ransomware attacks and other security incidents to the government.  The new cybersecurity mandates, which will replace some voluntary guidelines that had been in place for a decade, were announced Thursday in the wake of a 07 May 2021 ransomware attack that led Colonial Pipeline Co. to temporarily shut down its pipeline serving the East Coast, triggering fuel sh

US Lawmakers and security experts have expressed disappointment that US President Joe Biden’s $2.25 trillion infrastructure plan does not include funding to protect vital facilities against the growing threat of cyberattacks.  This infrastructure package failed to provide money to defend critical systems, such as the US power grid, against hackers, according to media sources last week.  “Any critical infrastructure modernization must take cybersecurity into account from the start,” said the OT d