Laughing Hyena
Tag: cybersecurity

Gaming Gear

Congress let a key cybersecurity law expire this week, leaving US networks more vulnerable

by admin October 4, 2025


There’s a long list of reasons US stability is now teetering between “Fyre Festival” and “Charlie Sheen’s ‘Tiger Blood’ era.” Now you can add cybersecurity to the tally. A crucial cyber defense law, the Cybersecurity Information Sharing Act of 2015 (CISA 2015), has lapsed. With the government out of commission, the nation’s computer networks are more exposed for… who knows how long. Welcome to 2025, baby.

CISA 2015 promotes the sharing of cyber threat information between the private and public sectors. It includes legal protections for companies that might otherwise hesitate to share that data. The law promotes “cyber threat information sharing with industry and government partners within a secure policy and legal framework,” a coalition of industry groups wrote in a letter to Congress last week.

As Cybersecurity Dive explains, CISA 2015 shields companies from antitrust liability, regulatory enforcement, private lawsuits and FOIA disclosures. Without it, sharing gets more complicated. “There will just be many more lawyers involved, and it will all go slower, particularly new sharing agreements,” Ari Schwartz, cybersecurity director at the law firm Venable, told the publication. That could make it easier for adversaries like Russia and China to conduct cyberattacks.


Before the shutdown, there was support for renewal from the private sector, the Trump administration and bipartisan members of Congress. One of the biggest roadblocks was Sen. Rand Paul (R-KY), chairman of the Senate Homeland Security Committee. He objected to reauthorizing the law without changes to some of his pet issues. Notably, he wanted to add language that would neuter the ability to combat misinformation and disinformation. He canceled his planned revision of the bill after a backlash from his peers. The committee then failed to approve any version before the expiration date.

Meanwhile, House Republicans included a short-term CISA 2015 renewal in their government funding bill. But Democrats, whose support the GOP needs, wouldn’t support the Continuing Resolution for other reasons. They want Affordable Care Act premium tax credits extended beyond their scheduled expiration at the end of the year. Without an extension, Americans’ already spiking health insurance premiums will continue to skyrocket.

In its letter to Congress last week, the industry coalition warned that the expiration of CISA 2015 would lead to “a more complex and dangerous” security landscape. “Sharing information about cyber threats and incidents makes it harder for attackers because defenders learn what to watch for and prioritize,” the group wrote. “As a result, attackers must invest more in new tools or target different victims.”



Crypto Trends

Web3 White Hats Earn Millions, Dwarfing $300K Cybersecurity Salaries

by admin September 13, 2025



Top white hats hunting vulnerabilities across decentralized protocols in Web3 are earning millions, dwarfing the $300,000 salary ceiling in traditional cybersecurity roles.

“Our leaderboard shows researchers earning millions per year, compared to typical cybersecurity salaries of $150-300k,” Mitchell Amador, co-founder and CEO of bug bounty platform Immunefi, told Cointelegraph.

In crypto, “white hats” refers to ethical hackers paid to disclose vulnerabilities in decentralized finance (DeFi) protocols. Unlike salaried corporate roles, these researchers choose their targets, set their own hours and earn based on the impact of what they find.

So far, Immunefi has facilitated more than $120 million in payouts across thousands of reports. Thirty researchers have already become millionaires.

“We’re protecting over $180 billion in total value locked across our programs,” Amador said, adding that the platform offers bounties of up to 10% for critical bugs. “These million-dollar payouts reflect the reality that many protocols have tens or hundreds of millions at stake from single vulnerabilities,” he said.

Immunefi has made 30 millionaires. Source: Immunefi


$10 million bug bounty saved billions

The largest single payout to a Web3 white hat was $10 million, awarded to a hacker who found a fatal flaw in Wormhole’s crosschain bridge. Amador said that vulnerability could have vaporized billions.

Despite that vulnerability being uncovered, Wormhole suffered a $321 million exploit on its Solana bridge in 2022, the largest crypto hack of the year. In Feb. 2023, Web3 infrastructure firm Jump Crypto and Oasis.app conducted a “counter exploit” on the Wormhole protocol hacker, clawing back a total of $225 million.

Amador revealed that critical vulnerabilities account for the biggest rewards. Top researchers have pulled in between $1 million and $14 million, depending on the severity and scope of their findings. “These are the 100x hackers who can find vulnerabilities others miss,” he said.

While the early years of DeFi were plagued by smart contract bugs, 2025 has seen a rise in “no-code” exploits like social engineering, compromised keys, and lapses in operational security. Despite that shift, bridges remain the most lucrative targets due to their crosschain complexity and the vast sums they secure.

Patterns have emerged in the types of projects that get breached most often. “DeFi protocols handling significant TVL and lacking strong bounty programs are the most exposed,” Amador said. He warned that early-stage teams rushing to market without security measures, as well as complacent established players, carry elevated risks.


Crypto hackers stole $163 million in August

As Cointelegraph reported, crypto-related hacks and scams hit $163 million in losses in August, a 15% rise from July’s $142 million. Despite the spike, overall incidents trended downward, with only 16 attacks recorded compared to 20 in June.

The majority of losses came from two major incidents. These include a $91 million social engineering scam targeting a Bitcoiner and a $50 million breach of Turkish exchange Btcturk.

Gaming Gear

‘Microsoft has become like an arsonist selling firefighting services to their victims’ says US senator, referring it to the FTC for a cybersecurity flaw, though Microsoft says it has a plan

by admin September 12, 2025



US senator Ron Wyden has written a letter to the FTC requesting that the organisation investigate Microsoft for what he calls “gross cybersecurity negligence.” His complaint is primarily related to a form of encryption still supported by the company’s Windows operating system, which the senator’s office believes is vulnerable to ransomware attacks.

In the letter [PDF warning], Senator Wyden reveals that an investigation his office conducted into a ransomware breach of healthcare provider Ascension last year found that support of the RC4 encryption cipher was a direct contributor to the attack (via Ars Technica).

“Because of dangerous software engineering decisions by Microsoft, which the company has largely hidden from its corporate and government customers, a single individual at a hospital or other organization clicking on the wrong link can quickly result in an organization-wide ransomware infection,” said Wyden.



“Microsoft has utterly failed to stop or even slow down the scourge of ransomware enabled by its dangerous software.”

RC4, or Rivest Cipher 4, was developed in 1987 by mathematician and cryptographer Ron Rivest, and was considered a protected method of encryption until 1994, when it was compromised as a result of a leaked technical description. Despite this, RC4 was widely used in common encryption protocols until around a decade ago, and is still used by Microsoft to secure Active Directory, a Windows component used by system administrators to configure user accounts.


While Windows will use AES encryption by default, the senator’s office discovered that Windows servers will still respond to RC4-based authentication requests, which potentially opens them up to “Kerberoasting.” This is a technique in which administrative privileges are gained via exploiting encryption on one affected machine in order to install ransomware on others.
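One way a defender can check whether RC4 tickets are still being issued in a domain, as an added example that is not from the article or from Microsoft: domain controllers log Kerberos service ticket requests as Security event 4769, and a `TicketEncryptionType` of `0x17` means RC4-HMAC. The event records, account names and the three-service threshold below are constructed assumptions.

```python
from collections import defaultdict

# Kerberos encryption type numbers as they appear in TicketEncryptionType.
RC4_ETYPES = {0x17: "RC4-HMAC", 0x18: "RC4-HMAC-EXP"}


def ev(event_id, user, service, etype, ip):
    """Build one constructed record with the event 4769 fields used here."""
    return {"EventID": event_id, "TargetUserName": user, "ServiceName": service,
            "TicketEncryptionType": etype, "IpAddress": ip}


# Constructed sample data; every name and address is made up.
SAMPLE_EVENTS = [
    ev(4769, "alice@CORP.EXAMPLE", "svc-web", "0x12", "10.0.4.21"),     # AES256
    ev(4769, "bsmith@CORP.EXAMPLE", "svc-sql", "0x17", "10.0.7.50"),
    ev(4769, "bsmith@CORP.EXAMPLE", "svc-backup", "0x17", "10.0.7.50"),
    ev(4769, "bsmith@CORP.EXAMPLE", "svc-report", "0x17", "10.0.7.50"),
    ev(4769, "carol@CORP.EXAMPLE", "svc-legacy", "0x17", "10.0.4.33"),
    ev(4769, "carol@CORP.EXAMPLE", "FILE01$", "0x17", "10.0.4.33"),     # machine account
    ev(4768, "dave@CORP.EXAMPLE", "krbtgt", "0x17", "10.0.4.40"),       # TGT request, not 4769
]


def rc4_service_tickets(events):
    """Return 4769 requests for user-run service accounts answered with RC4."""
    hits = []
    for e in events:
        if e.get("EventID") != 4769:
            continue
        try:
            etype = int(str(e.get("TicketEncryptionType", "")), 16)
        except ValueError:
            continue  # missing or malformed field: nothing to classify
        service = e.get("ServiceName", "")
        if etype not in RC4_ETYPES:
            continue
        # Machine accounts end in "$"; krbtgt is the ticket-granting service.
        if service.endswith("$") or service.lower() == "krbtgt":
            continue
        hits.append({"requester": e.get("TargetUserName", ""), "service": service,
                     "cipher": RC4_ETYPES[etype], "source": e.get("IpAddress", "")})
    return hits


def rc4_inventory(hits):
    """Service accounts still receiving RC4 tickets: candidates to move to AES."""
    by_service = defaultdict(set)
    for h in hits:
        by_service[h["service"]].add(h["requester"])
    return {svc: sorted(users) for svc, users in sorted(by_service.items())}


def burst_requesters(hits, min_services=3):
    """Accounts that asked for RC4 tickets to many distinct services (review first)."""
    seen = defaultdict(set)
    for h in hits:
        seen[h["requester"]].add(h["service"])
    return {user: sorted(svcs) for user, svcs in seen.items() if len(svcs) >= min_services}


if __name__ == "__main__":
    found = rc4_service_tickets(SAMPLE_EVENTS)
    print("RC4 service tickets:", len(found))
    print("Inventory:", rc4_inventory(found))
    print("Bursts:", burst_requesters(found))
```

The inventory output is the list an administrator would work through before turning RC4 off, which is the compatibility concern Microsoft's statement raises.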

In the case of Ascension, the senator claims that a contractor clicking on a malicious link led to hackers “moving laterally” within its server network, exploiting the weak encryption in order to push ransomware to thousands of other computers in the organisation and ultimately stealing the sensitive data of 5.6 million patients.


While the senator says that his office contacted Microsoft about the vulnerability, and that the company eventually posted a blog post with actions that organisations could take to protect against it, a promised security update to fix the issue is yet to arrive.


“The Ascension hack illustrates how it is Microsoft’s customers, and, ultimately, the public, who bear the cost of Microsoft’s dangerous software engineering practices and the company’s refusal to inform its customers about the pressing need to adopt important cybersecurity safeguards,” the senator continues.

“There is one company benefiting from this status quo: Microsoft itself. Instead of delivering secure software to its customers, Microsoft has built a multibillion dollar secondary business selling cybersecurity add-on services to those organizations that can afford it. At this point, Microsoft has become like an arsonist selling firefighting services to their victims.”



The senator ends his letter by urging the FTC to investigate Microsoft, and hold the company responsible for what the senator claims is the “serious harm it has caused by delivering dangerous, insecure software to the U.S. government and to critical infrastructure entities, such as those in the U.S. health care sector.”


Microsoft has since released a statement to multiple outlets, including Ars Technica, directly addressing the senator’s claims:

“RC4 is an old standard, and we discourage its use both in how we engineer our software and in our documentation to customers – which is why it makes up less than .1% of our traffic. However, disabling its use completely would break many customer systems,” the company said.

“For this reason, we’re on a path to gradually reduce the extent to which customers can use it, while providing strong warnings against it and advice for using it in the safest ways possible. We have it on our roadmap to ultimately disable its use. We’ve engaged with The Senator’s office on this issue and will continue to listen and answer questions from them or others in government.”

Microsoft also says that in the first quarter of 2026, “Any new installations of Active Directory Domains using Windows Server 2025 will have RC4 disabled by default, meaning any new domain will inherently be protected against attacks relying on RC4 weaknesses. We plan to include additional mitigations for existing in-market deployments with considerations for compatibility and continuity of critical customer services.”

Gaming Gear

I am a cybersecurity expert – here’s why it’s time for businesses to bolster defenses, beyond just tech

by admin September 2, 2025



The first half of 2025 has undeniably showcased the devastating power of data breaches and ransomware attacks. High-profile brands such as Marks & Spencer, Harrods, and Qantas Airlines have all been through cyber shockwaves, with countless amounts of employee and customer information lost to hackers. This has not only eroded brand trust but also raised serious questions about the solidity of overall business security infrastructure.

The breaches were primarily caused by social engineering attacks targeting IT help desks, which allowed attackers to gain access to systems and deploy ransomware. According to the latest insights, hackers impersonated employees to trick IT staff into granting access by requesting to reset passwords, ultimately leading to the compromise of sensitive data.

Andy Syrewicze, Security Evangelist at Hornetsecurity.

All evidence shows hackers’ deep understanding of human psychology, enabling them to exploit social norms and complacency to bypass some of the most robust data security systems. Affected businesses have responded swiftly to attacks and offered timely support to those impacted; however, it’s clear all businesses need to improve their cybersecurity if they are to stay safe in this ever-evolving world of cyber threats.



While some businesses may think that investing in advanced technology will be enough to address this, it will be useless if they don’t equally invest in human elements to strengthen cyber resilience and ensure long-term data security.

Understanding how tackling human-led vulnerabilities can build a smarter, stronger, and more adaptive cyber defense system will help businesses to transform their approach to cyber resilience.

Elevating password security: The human element of your first line of cyber defenses

As recent data breaches have shown, password-granted access is often the breakthrough hackers need to compromise systems. Introducing key changes to how businesses manage passwords can help in the fight against nefarious actors.

Firstly, small changes to password policies can add an extra layer of protection, making it more difficult for hackers to gain access. As you inspect your existing policies, DON’T forget the basics! For example, personal information in passwords should be avoided as it’s easy for hackers to get user logins if names, birthdays, or other personal information is directly included in passwords.


It seems simple, yes, but some of the largest organizations in the world have been breached because basics like this were omitted. Once hackers gain access to the targeted systems, a data breach is all but certain, raising the likelihood that confidential information will be exposed on malicious websites.

Businesses should therefore implement clear password policies, including rules for password length and complexity, and make sure they follow NIST best practices for password generation. Take scheduled password resets: NIST no longer recommends forced password changes unless there is evidence of a breach. This is because users tend to create highly serialized passwords in an attempt to remember them, which ultimately lowers operational security.

The strict application of MFA

In addition to the password hygiene rules, the strict application of multi-factor authentication (MFA) across organizations, including their external partners, is necessary to maintain cybersecurity.

Here, PIN codes and biometric authentication that require verification via a physical device (like FIDO2) help prevent unauthorized users from accessing accounts, even when passwords have been stolen. Deploying MFA across business and personal accounts enhances protection against common security threats such as malware, phishing, and ransomware attacks.

Warning: while MFA helps, it isn’t a catch-all safeguard. Social engineering, or the use of reverse-proxy style toolkits, allows threat actors to account for MFA during the login process. This enables the attacker to capture the target’s authentication token regardless of MFA being enabled on the account.

Adoption of Passkeys

To counter this, technologies like Passkeys should also be adopted by businesses to create additional safeguards against cyber attacks. Operated by using public key cryptography, Passkeys generate a public/private key pair whenever a new passkey is established with an online service.

The authentication response is unique for each login, which means there are no passwords to be stolen on the service end of the login process. Passkeys are also typically URL-bound, rendering reverse-proxy phishing kits useless for threat actors.

Strict practices of password hygiene and the adoption of evolving password technologies will strengthen businesses’ data protection and bolster cybersecurity against unverified attempts to access accounts.

While password security is important, to foster truly robust cyber resilience, more steps need to be taken across organizations in their day-to-day operations to maintain safety.

Cultivating a culture of cyber resilience: policies, training, and overlooked vulnerabilities

To embed cyber resilience into organizational culture, it is crucial to upgrade data security policies and ensure employees can implement them daily. These will foster a full-scale ecosystem of accountability and vigilance.

Businesses should implement ongoing tiered cybersecurity awareness training for their employees. Successful completion of a round of tests and simulations will automatically unlock progressively more challenging ones.

Those who don’t pass initial tests receive opportunities for further practice and re-testing at that difficulty level until they succeed. This approach fosters progressive cybersecurity training and rewards successful employees with less frequent testing.

Additionally, regular feedback loops, surveys or user-friendly polls can ensure the current security training stays up-to-date with cybersecurity trends, covering key topics such as phishing and ransomware.

A particular focus should also target the cyber vulnerabilities faced by organizations implementing remote and hybrid work. While implementing strategies for protecting devices and networks beyond the traditional office perimeter, such as applying MFA and role-based data access, businesses should make sure there are regular software updates and enhanced firewall configurations.

CISOs and IT teams should enforce a Zero Trust approach, ensuring that each user has no more than the access they need and that every connection and communication, no matter how trustworthy it may seem, is vetted for authenticity.

Building a proactive and adaptive cyber defense ecosystem

To stay safe from attacks, businesses must consistently refine and manage their cybersecurity strategy. Strengthening data security across all accounts is essential to minimizing data breaches and safeguarding sensitive information.

Additionally, businesses should prioritize other critical areas based on their specific risk profiles. This means a careful, case-by-case assessment of where vulnerabilities lie and where the greatest impact can be made. Focusing on the following key actions is vital:

– Enforce strong password hygiene across the organization, and mandate the use of Multi-Factor Authentication (MFA) or Passkeys to secure the first line of defense without exception

– Encourage progressive learning by implementing an ongoing, tiered cybersecurity testing program that adapts to roles, responsibilities, and knowledge

– Embrace regular feedback through employee surveys and polls to keep the current cybersecurity training relevant and effective

– Enhance remote and hybrid work settings by applying technical safeguards alongside a Zero Trust approach to limit data exposure and risk

The path forward requires a holistic view, a commitment to continuous adaptation, and the firm understanding that the strongest defense isn’t just about tech, but the informed and vigilant human element that underpins it.


This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro


