BankInfoSecurity.com

Also: Critical WHOIS Vulnerability Exposes Internet Security Flaw in .mobi Domains
This week, cyberthreats rising in Mexico; FBI warned of BEC scams; U.K. police arrested hacking suspect; Avis, Slim CD, Medicare and Fortinet disclosed breaches; Highline public schools reopened after cyberattack; a critical flaw was found in WHOIS; and Konni upped attacks on Russia, South Korea.

British Government Says Data Centers Are 'Essential for Functioning of Society'
The U.K. government on Thursday designated data centers as part of its critical national infrastructure in a move intended to prevent the loss of sensitive user data during disruptive cyberattacks. A newly announced data center security team will monitor and anticipate potential cyberthreats.

New Report Warns of Continued Delays and Deficiencies in Federal GPS Modernization
The Space Force is suffering from years of delays, setbacks and shortcomings in its Global Positioning System modernization program, according to a Government Accountability Office report, which found major deficiencies and testing issues that could hinder the United States competitiveness in space.

Company Focused on Safe Deployment Practices, Reducing Kernel Mode Dependencies
Cutting kernel mode dependencies and adopting safe deployment practices will make endpoint systems more resilient and secure for Windows customers. Tuesday's meeting came two months after a faulty CrowdStrike update disrupted 8.5 million Windows machines and caused $5.4 billion in direct losses.

More Competition, Ownership Turnover Among Peers Create an Appealing Time to Sell
Hellman & Friedman has met with several investments banks in recent weeks and will choose one to run the sale process for Paramus, New Jersey-based Checkmarx, in which it hopes to get at least $2.5 billion, Calcalist reported. The private equity firm bought Checkmarx for $1.15 billion in April 2020.

Cyber Researcher Reported Findings to Virtual Care Provider; Data Now Secured
An AI-powered virtual care provider's unsecured database allegedly exposed thousands of sensitive mental health and substance abuse treatment records between patients and their counselors on the internet - where they were available to anyone, said the security researcher who discovered the trove.

Report: North Korean, Russian, Chinese, Iranian Actors Are Targeting Research Orgs
Russian state hackers are targeting think tanks studying strategic interests and the defense sector, warned the French cyber agency. A hacking group that officially is Unit 26165 of the Russian Main Intelligence Directorate appears to be Russia's most prolific targeter of think tanks.

NoName Specializes in Long-Tail Exploits
Up-and-coming online criminal extortion group RansomHub appears to have a new affiliate - NoName, a midtier actor whose main claim to fame so far has been impersonating the LockBit ransomware-as-a-service operation. NoName is known for exploiting years-old vulnerabilities.

State Officials, Security Experts Warn of Increased Cyberthreats Ahead of Vote
Election security experts told Information Security Media Group the United States continues to lack adequate federal funding and resources to support state and local election information technology security efforts amid heightened global tensions and an ever-expanding threat landscape.

PureID Passwordless Authentication Tool Will Boost ColorTokens Microsegmentation
ColorTokens purchased PureID, expanding its zero trust framework with identity-based segmentation for cloud and hybrid environments. The acquisition focuses on securing cloud applications, microservices and APIs through advanced identity-based authentication.

New Tool Uses 40 Indicators to Provide In-Depth Diagnostic Analysis, Officials Say
Commerce Secretary Gina Raimondo unveiled a new data tool Tuesday called Scale. It assesses a wide range of factors affecting supply chains to provide a detailed analysis of potential risks and challenges, from labor shortages to climate challenges and geopolitical tensions.

Agencies Sign Agreement to Boost Cooperation, Share Cyberthreat Information
The British data protection authority and national law enforcement agency signed onto a cyber risk information-swapping agreement. The National Crime Agency and the Information Commissioner's Office will share cyberthreat assessments and information about incidents.

RAM-Based Radio Signal Attack Allows Attackers to Exfiltrate Data
A novel side-channel attack exploits radio signals emitted by random access memory in air-gapped computers, presenting a new threat to highly secure networks. One of the most effective ways to mitigate the risk is to cover sensitive machines with Faraday shielding.

Polish Deputy Prime Minister Says Russia Is Waging 'De Facto Cyberwar'
The Polish government said Monday it faces an onslaught of cyberattacks from Russian and Belarusian security agencies intent on cyberespionage and blackmail. Poland is in the midst of a "de facto cyberwar," said Deputy Prime Minister Krzysztof Gawkowski.

CRQ Can Help Organizations Optimize Investment, Improve Resilience, Manage Threats
When executives fully understand the potential impact and cost of cyberthreats, they can better assign the necessary resources to combat them. Learn about how Verizon's CRQ can help to improve an organization's cybersecurity investments and resilience.

A head-spinning series of acquisitions and mergers is transforming the security information and event management (SIEM) market. Behind this market shakeup is the ongoing technological shift from traditional, manually intensive SIEM solutions to AI-driven security analytics.

How You Can Help Secure the Nation's Backbone From Cyberattacks
Critical infrastructure encompasses the essential services and assets vital to the functioning of society and the economy. Specializing in security in this field requires a deep understanding of the challenges and threats facing sectors such as energy, transportation, healthcare and water systems.