-
6 days ago | 
securitymagazine.com | Jordyn Alger
Two senators have introduced a bipartisan bill to extend provisions originally in the Cybersecurity Information Sharing Act of 2015. The senators, Senators Gary Peters (D-MI), Ranking Member of the Homeland Security and Governmental Affairs Committee, and Mike Rounds (R-SD), who Serves as Chairman of Senate Armed Services Committee (SASC) Subcommittee on Cybersecurity, want to extend the law by 10 years.
-
1 week ago | 
securitymagazine.com | Jordyn Alger
DaVita, a kidney dialysis company, has experienced a ransomware attack. The organization disclosed the incident in a filing with the Securities and Exchange Commission (SEC) on April 12, 2025. Due to the recency of the incident, the investigation and response is ongoing. The nature and scope of this attack is not yet known.
-
1 week ago | 
securitymagazine.com | Jordyn Alger
MITRE Corporation’s funding from the federal government was expected to deplete today, according to an email sent out by the organization. However, the Cybersecurity and Infrastructure Security Agency (CISA) has announced it is extending support for MITRE to prevent a lapse in payments. MITRE manages the Common Vulnerabilities and Exposures (CVE) database and is responsible for identifying, describing and categorizing publicly disclosed cyber vulnerabilities.
-
1 week ago | 
securitymagazine.com | Jordyn Alger
CybersecuritySecurity NewswireCybersecurity News Car rental service Hertz has provided notice of a data breach potentially affecting customer information. According to a filing with the Maine Attorney General’s office, the breach is connected to Cleo file-transfer software vulnerabilities. It is currently understood that the malicious actors leveraged zero-day vulnerabilities in order to gain access.
-
1 week ago | 
securitymagazine.com | Jordyn Alger
Trend Micro Research has found a NVIDIA security update from September 2024 for a critical vulnerability (CVE-2024-0132) was incomplete. This patch was meant for the NVIDIA Container Toolkit and could potentially leave systems open to container escape attacks. Furthermore, the researchers identified a a denial-of-service (DoS) vulnerability impacting Docker on Linux.
-
1 week ago | 
securitymagazine.com | Jordyn Alger
Oracle has informed customers that a malicious actor accessed a computer system, stealing old login credentials for clients. This is the second cyber breach the organization has experienced in the last month, following Oracle’s initial denial of a cyber incident. According to the organization, this new incident is separate from the previous hacking event.
-
1 week ago | 
securitymagazine.com | Jordyn Alger
The United States Treasury Department’s Office of the Comptroller of the Currency (OCC) has recently discovered an email system breach, describing it as a “major information security incident.” The OCC supervises, regulates, and charters all national banks in addition to supervising federal agencies of foreign banks. This breach was discovered due to internal and external reviews of OCC emails and email attachments exposed to unauthorized access.
-
2 weeks ago | 
securitymagazine.com | Jordyn Alger
Research from Darktrace discusses an email bombing attack observed in February 2025, in which a user received more than 150 emails in less than five minutes, sent from 107 unique domains. Each of these emails circumvented a Security Email Gateway (SEG). Email bombing, also referred to as spam bombing, is a technique in which a malicious actor sends a large volume of emails to a user within a short timeframe.
-
2 weeks ago | 
securitymagazine.com | Jordyn Alger
The director of the National Security Agency (NSA), Air Force Gen. Timothy Haugh, has been dismissed from his position. At this time, the purpose for the dismissal is not immediately evident. He served as both the director of the NSA and as the head of U.S. Cyber Command since February 2024. This discharge occurred alongside a dismissal of the NSA’s Deputy Director, Wendy Noble. Below, security leaders share their thoughts on this dismissal and provide insights as to why it may have occurred.
-
2 weeks ago | 
securitymagazine.com | Jordyn Alger
Pursuing higher education shouldn’t be a safety-threatening experience. However, as geopolitical conflicts grow, tensions can rise on campuses and contribute to feelings of vulnerability. For security leaders tasked with protecting universities, students, faculty and staff, understanding how to mitigate risks and foster a sense of safety is essential.
