CISA, NSA, FBI say BlackMatter ransomware group is targeting the US food industry

A joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the National Security Agency (NSA) has warned that the BlackMatter ransomware group has targeted “multiple” organizations deemed critical infrastructure, including two organizations in the U.S. food and agriculture sector. The agencies did not name did not name […]

F12 isn’t hacking: Missouri governor threatens to prosecute local journalist for finding exposed state data

Missouri governor Mike Parson is facing a monumental backlash after threatening to prosecute a journalist for responsibly reporting a serious security lapse in the state’s website. Earlier this week, St. Louis Post-Dispatch journalist Josh Renaud reported that the website for the state’s Department of Elementary and Secondary Education (DESE) was exposing over 100,000 teachers’ Social Security […]

DOJ will sue federal contractors that hide cyberattacks and breaches

The U.S. Department of Justice has said it will launch civil legal action against federal contractors if they fail to report cyberattacks or data breaches. The Civil Cyber-Fraud Initiative, introduced by Deputy Attorney General Lisa O. Monaco this week, will leverage the existing False Claims Act (FCA) to “pursue cybersecurity-related fraud by government contractors and […]

Yubico’s new hardware key features a fingerprint reader for passwordless logins

Yubico, the maker of hardware security keys, has unveiled the YubiKey Bio, its first key to support biometric authentication for passwordless logins and multi-factor authentication (2FA) The launch of the YubiKey Bio comes as tech giants transition away from traditional password-based logins, a prime target for cyberattacks. Microsoft recently rolled out a passwordless sign-in option […]

One Identity has acquired OneLogin, a rival to Okta and Ping in sign-on and identity access management

More consolidation is afoot in the world of cybersecurity, specifically around services to help organizations manage identity and access. Today, One Identity — which provides tools for managing “zero trust” access to systems, as well as running log management and other governance services for enterprises — announced that it has acquired OneLogin, a rival to […]

Arctic Wolf acquires ‘Hollywood-style’ cybersecurity training startup Habitu8

Arctic Wolf, a managed cybersecurity company that offers a “security operations-as-a-concierge” service, has acquired Habitu8, a security training and awareness content platform. Terms of the deal — which comes just two months after Arctic Wolf secured $150 million in Series F funding — were not announced, but a person with knowledge of the matter told […]

EU warns Russia over ‘Ghostwriter’ hacking ahead of German elections

The European Union has warned it may take action over Russia’s involvement in “malicious cyber activities” against several EU member states. The “Ghostwriter” campaign targeted “numerous members of Parliaments, government officials, politicians, and members of the press and civil society in the EU”, according to a press release from the European Council on Friday, and was […]