The Cybersecurity and Infrastructure Security Agency (CISA) published a 447-page document of regulations according to the Cyber Incident Reporting for Critical Infrastructure Act in the Federal Register for public comment. The law passed in 2022 aims to enhance the government’s capability to monitor incidents and ransomware payments. Homeland Security Secretary …

A ransomware group is threatening to publish a huge cache of stolen data following a cyber attack on a Scottish health board. The group called INC Ransom claims to have three terabytes of data. NHS Dumfries and Galloway is aware that clinical data relating to a small number of patients …

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) included a Microsoft SharePoint Server vulnerability in its list of known exploited vulnerabilities due to signs of active use by attackers. CVE-2023-24955 is a critical flaw that lets a user with Site Owner access run any code they choose. “In a network-based …