Critical Infrastructure Security CISA Calls on Software Developers to Enhance Cyber Hygiene Practices Chris Riotta (@chrisriotta) • January 7, 2025 New voluntary cybersecurity performance goals target software development security improvements while addressing potential vulnerabilities. The Cybersecurity and Infrastructure Security Agency (CISA) is urging software developers across the IT and product…
Encryption & Key Management, Security Operations Researcher Unveils Bitpixie Attack Techniques to Extract Encryption Keys Akshaya Asokan (asokan_akshaya) • December 31, 2024 Image: Shutterstock Recent research has unveiled a previously addressed vulnerability within the Windows BitLocker disk encryption system that remains exploitable. This flaw poses significant risks, potentially allowing attackers…
New Cybersecurity Regulations Projected to Cost Healthcare Sector $9 Billion in First Year In response to escalating data breach threats, the Biden administration is proposing a series of stringent cybersecurity regulations aimed at healthcare organizations across the United States. These new rules, prompted by the alarming rise in cyberattacks, particularly…
HIPAA/HITECH, Standards, Regulations & Compliance HHS Proposes New Encryption and Cybersecurity Standards for Healthcare Organizations Chris Riotta (@chrisriotta) • December 27, 2024 Recent high-profile breaches have targeted sensitive healthcare data. (Image: Shutterstock) The U.S. Department of Health and Human Services (HHS) is intensifying its digital security measures in response to…
The Federal Trade Commission (FTC) has mandated that Marriott International and its subsidiary, Starwood Hotels, develop and enforce a comprehensive data security program due to a series of significant failures that resulted in massive data breaches. This action comes after Marriott’s acquisition of Starwood in 2016, which was marred by…
Unsecured Database Exposes Millions of Records at Builder.ai In a serious cybersecurity incident, Builder.ai, a London-based AI development platform, has faced significant scrutiny after a massive database was discovered publicly accessible without password protection or encryption. This database contained approximately 3 million records, amounting to an alarming 1.29 terabytes of…
In 2024, the landscape of healthcare cybersecurity faced unprecedented challenges, marked by a surge in cyberattacks that significantly threatened patient safety and data privacy. Heading into 2025, however, there are glimmers of hope, including the implementation of enhanced security controls and new regulatory measures aimed at bolstering defenses against these…
Man-in-the-middle (MITM) attacks pose a significant threat in the cybersecurity landscape, allowing attackers to intercept and potentially manipulate communications between two entities without their knowledge. This type of attack is especially alarming in digital environments where sensitive information, such as login credentials and personal data, is transmitted. The following analysis…
In a recent discussion at a tech industry event, Signal CEO Meredith Whittaker emphasized the organization’s commitment to fostering a more inclusive and diverse technology landscape. She articulated that the aim is to move away from a model dominated by a handful of corporations, advocating for an ecosystem that is…
