The National Institute of Standards and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain Security Guidance,” in response to directives set forth in President Biden’s Executive Order 14028—Improving the Nation’s Cybersecurity.

The guidance refers to existing industry standards, tools, and recommended practices that were previously published by NIST in SP800-161 “Cybersecurity

This week, AGCO, a U.S. agricultural machinery manufacturer, suffered a ransomware attack that affected its business operations and shut down its systems.

AGCO, headquartered in Duluth, Georgia, designs, produces, and sells tractors, combines, foragers, hay tools, self-propelled sprayers, smart farming technologies, seeding and tillage equipment. AGCO first discovered this attack through its subsidiary, Massey-Ferguson, when

On April 5, 2022, the U.S. Department of Treasury Office of Foreign Assets Control (OFAC) sanctioned darkweb Hydra Marketplace and virtual currency Garantex and added both to the Specially Designated Nationals List (SDN).

On October 1, 2020, OFAC issued a Ransomware Advisory “to alert companies that engage with victims of ransomware

The U.S. Department of Justice (DOJ) unsealed indictments against four Russian government officials on March 24, 2022, alleging that they hacked into networks that controlled energy systems in the U.S. 

According to the DOJ, the attacks took place between 2012 and 2018, and included physical damage to infrastructure, as well as embedding malware for later

The most recent Accenture Global Incident Report (the Report) shows that cyber-attackers have political views and are divided between support for Russia and support for Ukraine.

According to the Report, entitled “Global Incident Report: Threat Actors Divide Along Ideological Lines over the Russia-Ukraine Conflict on Underground Forums,” the war between Russia and Ukraine has caused an unusual

The world has rallied around Ukraine since Russian forces invaded this past week, including, it seems, hackers. The hacktivist collective Anonymous, which gained prominence between 2008 and 2014 with a series of high-profile politically motivated cyber-attacks against such disparate groups as the Church of Scientology and PayPal, has come out of the woodwork once again

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint advisory this week alerting organizations to destructive malware that is being used to target organizations in Ukraine, amid ongoing warnings of increased cyber-attacks against U.S. organizations.

The malware, WhisperGate and HermeticWiper, is used to “destroy computer systems and render them inoperable.”

U.S. officials this week warned government agencies, cybersecurity personnel, and operators of critical infrastructure that Russia might launch cyber-attacks against Ukrainian and U.S. networks at the same time it launches its military offensive against Ukraine.

The FBI and the Department of Homeland Security (DHS) warned law enforcement, military personnel, and operators of critical infrastructure to

The Cybersecurity & Infrastructure Security Agency (CISA) recently issued another warning to “every organization” in the U.S. about cybersecurity risks during the ongoing escalation of tension between the U.S. and Russia over Ukraine.

According to the CISA Insights publication entitled “Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats,” “public and private entities in

The most recent in a long list of IT security firms that have been hit with ransomware in the past year, Miami-based Kaseya Ltd disclosed late last week that it was hit with a ransomware attack that may affect hundreds, even thousands, of U.S.-based companies.

Kaseya has publicly stated that it is investigating the attack