TikTok Forms U.S. Joint Venture to Continue Operations Under 2025 Executive Order

TikTok on Friday officially announced that it formed a joint venture that will allow the hugely popular video-sharing application to continue operating in the U.S. The new venture, named TikTok USDS Joint Venture LLC, has been established in compliance with the Executive Order signed by U.S...

CVE-2025-53026

...

Building Confidence in Cyber Essentials Compliance with Qualys Policy Audit

In an era where cyberattacks are becoming more frequent, sophisticated, and damaging, organizations in the UK and around the world are under increasing pressure to adopt effective cybersecurity measures. Threats such as phishing, ransomware, data breaches, and supply chain compromises now target...

Cybersecurity for Autonomous Vehicles

The increasing adoption of autonomous vehicles is bringing a major shift in the automotive industry. However, as these vehicles become more connected, cybersecurity threats have emerged as a serious concern. Protecting the security and integrity of autonomous systems is essential to prevent...

Secure Ideas Achieves CREST Accreditation and CMMC Level 1 Compliance

Jacksonville, United States, 3rd April 2025, CyberNewsWire...

Google Cloud KMS Adds Quantum-Safe Digital Signatures to Defend Against Future Threats

Google Cloud has announced quantum-safe digital signatures in Google Cloud Key Management Service Cloud KMS for software-based keys as a way to bulletproof encryption systems against the threat posed by cryptographically-relevant quantum computers. The feature, currently in preview, coexists with...

DORA: Strengthening Digital Resilience Through API Security

The Digital Operational Resilience Act DORA is one of the most significant cybersecurity regulations for financial institutions in the European Union EU. Failure to comply can have massive consequences, including financial penalties and forced operational downtime, meaning achieving DORA complian...

FCC Launches 'Cyber Trust Mark' for IoT Devices to Certify Security Compliance

The U.S. government on Tuesday announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for Internet-of-Things IoT consumer devices. "IoT products can be susceptible to a range of security vulnerabilities," the U.S. Federal Communications Commission FCC said. "Under thi...

CISA is warning us (again) about the threat to critical infrastructure networks

Government-run water systems and other critical infrastructure are still at risk from state-sponsored actors, according to a renewed warning from the U.S. Cybersecurity and Infrastructure Security Agency. CISA released an advisory last week on the matter of days after a small water treatment...

herjourney.com Cross Site Scripting vulnerability OBB-3897030

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Ensuring Compliance with DORA: How Qualys Solutions Can Help

Introduction The Digital Operational Resilience Act DORA is a new regulation implemented by the European Union to ensure the stability and security of the financial sector. Coming into effect in 2022, DORA mandates enhanced cybersecurity and operational resilience standards for financial...

Auditors: Feds’ Cybersecurity Gets the Dunce Cap

Out of eight U.S. federal agencies identified two years ago with critical cybersecurity failures, seven still don’t meet basic standards, a new audit report found. The Federal government’s overall posture was given just a C-. Audited agencies included the Departments of State, Homeland Security,...

Ransomware to be investigated like terrorism

The impact of recent ransomware attacks on vital infrastructure in the US has triggered a reaction from the US Attorney’s office. In an internal guidance it says that all ransomware investigations in the field should be centrally coordinated with a recently created task force in Washington...

New US Executive Order on Cybersecurity

President Biden signed an executive order to improve government cybersecurity, setting new security standards for software sold to the federal government. For the first time, the United States will require all software purchased by the federal government to meet, within six months, a series of ne...

Pipeline Update: Biden Executive Order, DarkSide Detailed and Gas Bags

Colonial Pipeline Co. may have turned off the tap following Friday’s ransomware attack, but the news about the devastating assault keeps gushing. In the wake of the DarkSide cyberattack, President Biden signed an executive order Wednesday aimed at bolstering the federal government’s cyber defense...

Colonial Pipeline attack expected to trigger imminent hardening of cybersecurity rules for federal agencies

UPDATE 04:23 pm Pacific Time, May 12: On Wednesday, President Joe Biden signed an Executive Order that broadly directs the Commerce Department to create cybersecurity standards for companies that sell software to the federal government. The Order comes in the immediate aftermath of a ransomware...

Fixing the Weakest Link — The Passwords — in Cybersecurity Today

Password security has long been an issue for businesses and their cybersecurity standards. Account passwords are often the weakest link in the overall security posture for many organizations. Many companies have used Microsoft's default password policies for decades. While these can be customized...

Feds Issue Recommendations for Maritime Cybersecurity

The White House has released cybersecurity guidance for securing the Maritime Transportation System MTS, which operates along 25,000 miles of coastal and inland waterways in the United States. The document points out that the MTS encompasses “361 ports, 124 shipyards, more than 3,500 maritime...

Patching as a social responsibility

In the wake of the devastating NotPetya attack, Microsoft set out to understand why some customers weren’t applying cybersecurity hygiene, such as security patches, which would have helped mitigate this threat. We were particularly concerned with why patches hadn’t been applied, as they had been...

For $8.6M, Cisco Settles Suit Over Bug-Riddled Video Surveillance Software

Cisco Systems has agreed to pay $8.6 million to settle a lawsuit that alleged it sold video security software with known security vulnerabilities to U.S. federal and state governments. The litigation, originally brought in 2011, was filed under the False Claims Act, claiming that the software...