The plan is the policy equivalent of a high-wire act: it provides incentives for electric companies to dramatically change the way they protect themselves against cyber-attacks while trying to avoid political tripwires that have stalled previous efforts, the details suggest. Among its core tenets, the Biden administration’s so-called “action plan” will incentivize power utilities to install sophisticated new monitoring equipment to more quickly detect hackers, and to share that information widely with the U.S. government. It will ask utilities to identify critical sites which, if attacked, could have an outsized impact across the grid, according to a six-page draft of the plan, which was drawn up by the National Security Council and described in detail to Bloomberg News. And it will expand a partially classified Energy Department program to identify flaws in grid components that could be exploited by the country’s cyber-adversaries, including Russia, Iran and China.
When you’re looking to add automation to your vulnerability management and policy compliance program, a good starting point is the Host List, which is your scanned asset inventory. More precisely, it represents which assets have been scanned (and when) for Qualys Vulnerability Management (VM) or Policy Compliance (PC). After extracting this data, you can do further analysis of your scan coverage or schedule future scans on all or any subset of your assets.
Facebook’s lead data supervisor in the European Union has opened an investigation into whether the tech giant violated data protection rules vis-a-vis the leak of data reported earlier this month.
Kaspersky researchers have found a zero-day vulnerability (CVE-2021-28310) in a Microsoft Windows component called Desktop Window Manager (DWM). We believe several threat actors have already exploited the vulnerability. Microsoft just released the patch, and we suggest applying it immediately. Here’s why.
Written by Shannon Vavra
April 14, 2021 • Ellen Wilson
As the attack surface grows, it’s difficult for security teams to maintain a comprehensive, real-time view of the threats at an operational level. With too little time and not enough information, analysts struggle to determine which alerts represent a critical incident and which may just be a redundancy or a false positive — all while true positives may be slipping through the cracks.