The White House urged private organizations to bolster their cybersecurity defenses, as intelligence suggests Russia is exploring options for potential cyberattacks to target U.S. critical infrastructure.

Identity and access management company Okta is investigating a possible data breach after ransomware group Lapsus$ claimed to have hacked the company.

Ransomware as a service (RaaS) affiliate group AvosLocker has targeted a number of victims across multiple critical infrastructure sectors. Here are a few mitigation strategies organizations can implement. 

To help reduce tragedies due to misogynistic extremism, such as the Hot Yoga Tallahassee attack, organizations should establish proactive safety programs and a multidisciplinary threat assessment program. 

Russian state-sponsored cyberattackers gained network access to a non-governmental organization by exploiting default multi-factor authentication (MFA) protocols and PrintNightmare, a known security vulnerability. 

For teams looking to respond to evolving mobile security threats, the Zimperium 2022 Global Mobile Threat Report offers some insights. 

Meta has been fined $18.9 million by the Irish Data Protection Commission for Facebook’s 2018 data breaches that violate data security and privacy, according to the European Union’s General Data Protection Regulation (GDPR). 

The Securities and Exchange Commission (SEC) has proposed changes to standardize public companies’ disclosures regarding cybersecurity risk management, strategy, governance and incident reporting.

CISA's Cyber Storm exercise simulates a significant cybersecurity incident impacting critical infrastructure to improve risk management, incident response planning, information sharing and cyber response activities. 

Don’t get too caught up in the excitement of March Madness. Cybercriminals will use social engineering, phishing, malware, ransomware and other cybersecurity strategies to wreak havoc. Boost security defenses now.