Aggregator

​

The post The Sting of Fake Kling: Facebook Malvertising Lures Victims to Fake AI Generation Website appeared first on Check Point Research.

To meet today’s complex security requirements, organizations need solutions that are not only secure, but also practical and scalable. The Swissbit iShield Key 2 offers a compelling answer by combining two critical security functions – digital authentication and physical access control – into a single, streamlined device. One key, double protection The Swissbit iShield Key 2 uniquely combines phishing-resistant digital authentication with physical access control. It enables enterprises and public authorities to secure operating systems, … More →

The post Product showcase: Secure digital and physical access with the Swissbit iShield Key 2 appeared first on Help Net Security.

State and local governments must grapple with resource constraints even as they face increased demand for cybersecurity vigilance to protect critical infrastructure and essential services. Here’s how exposure management can help.

State and local governments play a crucial role in the daily lives of communities, including managing the critical infrastructure we rely on every day, such as water systems, transportation networks, power grids, and emergency services. These institutions are on the front lines of delivering and safeguarding these essential services. A successful cyber attack on even a small municipality can disrupt daily operations, compromise sensitive data and threaten public safety.

As digital threats grow more advanced and persistent, protecting state and local systems is no longer just a technical issue, it is a fundamental part of securing the nation’s most vital functions. To address this growing challenge, state and local governments need comprehensive statewide cybersecurity strategies aligned with recognized cybersecurity best practices and standards, sustainable funding and coordinated support to defend against ever evolving threats.

As frontline operators of critical infrastructure, state and local governments face an increasingly complex and evolving cyber threat landscape. For example, in 2023, Volt Typhoon, a state-sponsored threat actor backed by the People’s Republic of China (PRC), launched a prolonged cyber attack against the Littleton Electric Light and Water Departments (LELWD) in Massachusetts. This marked the first known strike on a U.S. power utility by the group. The group targeted the utility’s operational technology (OT) infrastructure in an attempt to exfiltrate sensitive data. While LELWD was able to detect and contain the breach, the incident underscored the increasing sophistication of nation-state cyber threats and the serious risks they pose to essential services. This attack was not an isolated incident but part of a broader pattern of cyber espionage and disruption orchestrated by Volt Typhoon, which continues to target U.S. critical infrastructure.

Additionally, in July 2024, the City of Columbus, Ohio, experienced a significant ransomware attack attributed to the Rhysida group, a foreign threat actor. This breach compromised the personal and financial data of 500,000 residents, including Social Security numbers, bank account details, and other sensitive information. The incident disrupted city services and prompted the city to offer two years of free credit monitoring to affected individuals.

In February 2023, the City of Oakland, California, suffered a ransomware attack by the Play group, which disrupted essential city services and exposed sensitive personnel records, including those of police officers and firefighters. The breach prompted a state of emergency and raised serious concerns about the city's cybersecurity preparedness.

“This increase in activity from advanced persistent threat (APT) actors targeting U.S. critical infrastructure highlights the need for increased vigilance from state and local governments. Since U.S. critical infrastructure is owned and operated by both public sector and private sector organizations, the threat is a concern for government agencies as well as corporate enterprises.”

 — Mark Weatherford, former Deputy Undersecretary for Cybersecurity, U.S. Department of Homeland Security

These incidents are part of a broader and accelerating pattern of cyberattacks targeting municipal governments, highlighting the urgent need for enhanced cybersecurity measures at the local level. 

“This increase in activity from advanced persistent threat (APT) actors targeting U.S. critical infrastructure highlights the need for increased vigilance from state and local governments,” wrote Mark Weatherford, former Deputy Undersecretary for Cybersecurity, U.S. Department of Homeland Security, in a guest blog post for Tenable in November 2024. “Since U.S. critical infrastructure is owned and operated by both public sector and private sector organizations, the threat is a concern for government agencies as well as corporate enterprises.”

In March, the Office of the Director of National Intelligence (ODNI) released its Annual Threat Assessment of the U.S. Intelligence Community, referencing Volt Typhoon and other nation-state cyber threats against critical infrastructure, reinforcing the need for heightened vigilance at the state and local levels.

On March 19, 2025, President Trump released Executive Order (EO) 14239: Achieving Efficiency Through State and Local Preparedness. The goal of the EO is to improve national disaster preparedness and resilience by empowering state and local governments to take a leading role in securing critical infrastructure, including from cyber attacks, while also streamlining and modernizing federal policies to support them more effectively.

The order also emphasizes a shift from a broad "all-hazards" approach to a risk-informed strategy, encouraging smarter investments in infrastructure and calls for the creation of a National Resilience Strategy and a National Risk Register.

While we await guidance and implementation details for Executive Order 14239 on how state and local governments should take a more active role in cyber attack preparedness, there are proactive steps that can be taken now. These include conducting regular risk assessments, adopting basic cyber hygiene practices and implementing a proactive exposure management strategy. By taking action now, even amid uncertainty, state and local entities can begin building the foundation for a more resilient and secure infrastructure.

Despite being on the front lines of managing critical infrastructure, many state and local governments face significant challenges, including limited resources and legacy infrastructure, making it difficult to detect and respond to cyber threats.

As state and local governments take on more responsibility for national disaster preparedness and resilience, including protection against cyber attacks, support from programs like the State and Local Cybersecurity Grant Program (SLCGP) are more vital than ever. SLCGP provides funding to help state, local, tribal and territorial governments develop and implement effective cybersecurity strategies. By funding key initiatives such as mutli-factor authentication, vulnerability management and threat prioritization, SLCGP plays a vital role in strengthening the cybersecurity posture of these governments.

In my testimony before the House Homeland Security Committee’s Cybersecurity and Infrastructure Protection Subcommittee in April, I emphasized the need to continue the SLCGP program and the importance of adopting an exposure management strategy to tackle these threats. During the April 1 hearing, “Cybersecurity is Local, Too: Assessing the State and Local Cybersecurity Grant Program,” I provided analysis on threats facing state and local governments, the impact of SLCGP, improvements that could be made to the program, and how a risk-informed approach is needed to protect state infrastructure, including critical infrastructure, from cyber attacks.

Exposure management is aligned with the National Institute of Standards and Technology (NIST) Cybersecurity Framework 2.0 and supports a more strategic risk-informed approach to cybersecurity, continuously assessing the accessibility, exploitability and criticality of all digital assets, including the operational technology used in critical infrastructure. By implementing an exposure management strategy, state and local governments will be better equipped to secure their environments in the face of constant cyber threats and campaigns from nation-state attackers. This proactive approach helps state and local governments improve operational efficiency, reduce costs, protect against emerging threats and ensure that critical systems and services remain secure and uninterrupted.

An exposure management strategy relies on a technology platform that enables the discovery and aggregation of asset data across your entire external and internal attack surface. Seemingly elusive assets in cloud, IT, operational technology (OT), internet of things (IoT), identities and applications will show up in a holistic view of the attack surface. An exposure management platform will detect the three preventable forms of risk attackers use to gain initial access and move laterally: vulnerabilities, misconfigurations and excessive privileges. The platform will aggregate findings by asset then normalize them to calculate an overall risk score that enables security teams to quickly identify the assets that pose the greatest potential risk to your organization. An exposure management platform shares the detailed asset, identity and risk relationship information it discovers and maintains in its asset inventory. You’ll be able to see high-risk assets and, more importantly, you’ll be able to see all related attack paths that lead to that asset.

State and local governments are under pressure to improve efficiency, reduce costs and do more with less, while securing essential systems against cyber attacks. Tenable One enables you to take a proactive, risk-informed approach, prioritizing the most critical cyber risks to avoid costly incidents and keep services running. Here are three ways the Tenable One Exposure Management Platform can help.

1. Protect critical infrastructure. Tenable One provides complete visibility into both your IT and OT environments so your agency can protect essential systems like water, energy, and transportation. From real-time threat detection to prioritized remediation, Tenable helps your security team quickly identify and respond to risks before they disrupt public services or compromise safety.
2. Increase efficiency and effectiveness. Tenable One helps your team work smarter by unifying visibility across your entire environment, including cloud, on-prem, identity and OT/IoT systems, eliminating silos and reducing manual effort. With automated asset discovery, risk-based prioritization and machine learning-driven insights, your team can cut through the noise, focus on what matters most and proactively reduce the attack surface.
3. Reduce costs. With Tenable One, you can consolidate security tools into a single platform, cutting down on unnecessary spending and complexity. By proactively identifying and closing high-risk exposures, you can mitigate the financial and operational consequences of data breaches, system outages and compliance violations.

For more information on how Tenable One can help state and local governments:

• Review Securing critical infrastructure: Enhancing cyber resilience with a risk-based approach for state and local governments

Watch our on-demand webinar How State and Local Governments Can Boost Cyber Resilience with Exposure Management

In an age where smartphones contain our most sensitive information, phishing attacks targeting iPhone users have surged dramatically. According to recent reports, phishing messages have increased by 202% in the second half of 2024, with credential-based phishing attacks skyrocketing by an alarming 703% during the same period. Understanding how to protect your iPhone has never […]

The post iPhone Security 101 – Protecting Your Device from Phishing Scams appeared first on Cyber Security News.

Data breach at Serviceaide, Inc., a technology vendor for Catholic Health, exposed sensitive information belonging to approximately 480,000 patients. The incident, caused by an improperly secured Elasticsearch database, left names, Social Security numbers, medical records, and login credentials publicly accessible for nearly seven weeks. While forensic analysts found no direct evidence of data misuse, the […]

The post Cyberattack on Serviceaide Compromises Data of 480,000 Catholic Health Patients appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Red Hat Enterprise Linux 10 provides a strategic and intelligent backbone for enterprise IT to navigate complexity, accelerate innovation and build a more secure computing foundation for the future. As enterprise IT grapples with the proliferation of hybrid environments and the imperative to integrate AI workloads, the need for an intelligent, resilient and durable operating system has never been greater. Red Hat Enterprise Linux 10 rises to this challenge, delivering a platform engineered for agility, … More →

The post Red Hat Enterprise Linux 10 helps mitigate future quantum-based threats appeared first on Help Net Security.

A newly identified cyberattack campaign has revealed the persistent and evolving threat of Bumblebee malware, a sophisticated downloader first discovered in 2022 and linked to ransomware groups like Conti. According to a recent report by Cyjax, threat actors have orchestrated a cunning SEO poisoning scheme targeting users of the Bing search engine. This campaign leverages […]

The post Threat Actors Deploy Bumblebee Malware via Poisoned Bing SEO Results appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.