scope
-
Amazon Web Services (AWS) is pleased to announce the issuance of the Criteria to Assess the Information Security of Cloud Services (PiTuKri) Type II attestation report with 179 services in scope. The Finnish Transport and Communications Agency (Traficom) Cyber Security Centre published PiTuKri, which consists of 52 criteria that provide guidance across 11 domains for…
-
Amazon Web Services (AWS) is pleased to announce the issuance of the Swiss Financial Market Supervisory Authority (FINMA) Type II attestation report with 179 services in scope. The Swiss Financial Market Supervisory Authority (FINMA) has published several requirements and guidelines about engaging with outsourced services for the regulated financial services customers in Switzerland. An independent…
-
The Food and Ag-ISAC has released its newest Food and Ag Sector Cyber Threat Report, offering a comprehensive analysis of the diverse threat actors targeting the industry. Unlike earlier reports that concentrated primarily on ransomware activities, the latest report examines a broader range of threat actors.
-
The major players in the Managed Detection and Response (MDR) market are CrowdStrike (US), Rapid7 (US), Red Canary (US), Arctic Wolf (US), Kudelski …
-
A survey of 510 IT security and risk practitioners finds 93% have access to a comprehensive inventory of human and non-human identities across their IT environments, with 85% having a clear line of visibility and monitoring into who is doing what. However, just under half (45%) also noted there has been some type of unauthorized…
-
Depending on who you ask, the big news this week is that quantum computing researchers out of China have broken RSA. And that’s true… sort of. There are multiple caveats, like the fact that this proof of concept is only factoring a 22-bit key. The minimum RSA size in use these days is 1024 bits.…
-
Calling all vulnerability researchers! Get ready to immerse yourselves in the world of WordPress security with the Wordfence Cybersecurity Month Spooktacular Haunt, running from now through November 11th, 2024!
-
An evaluation of biometric identity verification technologies recently conducted by the U.S. General Services Administration assessed their accuracy, both overall and for the many demographic groups that will be expected to use Login.gov for access to government services. The setup of the evaluation has raised questions, however, in particular about the limited number of vendors…
-
Addition ensures security professionals are best prepared to implement and manage their Zero Trust environments
-
Early this morning, on July 19th, Crowdstrike reported a major outage caused by an update to the Falcon sensor. The issue was confined to the Windows operating system but led to a system crash, causing significant business disruption and frustration across multiple sectors. Crowdstrike has since rolled back the update, but affected systems will need…
-
A flurry of critical infrastructure providers are making a final push to urge the Cybersecurity and Infrastructure Security Agency to place guardrails around new incident reporting requirements.
-
The US Department of Justice (DOJ) asked the US Supreme Court to clarify whether 18 U.S.C. 922(g)(1) can constitutionally prohibit both violent and non-violent offenders equally from owning guns in light of the Second Amendment, which guarantees the right to keep and bear arms.
-
In a closely watched decision stemming from the January 6, 2021, Capitol riot, the US Supreme Court ruled on Friday that the government must prove a defendant impaired or attempted to impair the availability or integrity of evidence to be convicted under a key obstruction statute.
-
Today's MSSP market update also includes news from the Splunk .conf24, an Ingram Micro and Spectra partnership, Microsoft Patch Tuesday and more.
-
Could the optimism of the Irkutsk governor be premature?