Security news aggregator

Latest coverage for America

America covers cybersecurity incidents, policy, privacy, public services, advisories, and regional developments affecting digital security.

15 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

America covers cybersecurity and information-security developments connected to America, including incidents, policy, privacy, advisories, research, and news affecting organizations, public services, and digital systems in the area.

For practitioners, the tag provides geographic context for developments involving America's organizations, services, partners, and users. Individual articles provide the specific technologies, threats, sectors, and operational implications relevant to each development.

Showing 15 most recent headlines Filtered view
Bank Info Security 10 months, 1 week ago

ISMG Editors: The Pentagon, Microsoft and Chinese Workers

Also: Software Supply Chain Risks, Cato's AI Security BuyIn this week's update, four ISMG editors discussed the Pentagon's review of Microsoft's use of Chinese nationals on U.S. military cloud systems, renewed concerns over software supply chain risks and Cato Networks' first-ever acquisition to boost AI security.

Bank Info Security 10 months, 1 week ago

Trump Continues Push for AI in Schools as FTC Probes Risks

White House Kick Off School Year With AI Education Efforts, Public-Private CollabsThe Trump administration is rolling out its Presidential Artificial Intelligence Challenge with a series of high-profile White House events and public-private sector commitments - just as the Federal Trade Commission reportedly prepares to investigate AI systems' impact on child mental health.

Bank Info Security 10 months, 1 week ago

Breach Roundup: Scattered Lapsus$ Hunters Behind Jaguar Hack

Also, Disney Pays $10M to Settle Child Privacy Case, Spain Scraps Huawei DealThis week, Jaguar hack, Disney settled a child privacy case, Texas sued PowerSchool and federal prosecutors sued a toy maker. Spain voided a Huawei contract, Pennsylvania AG confirmed a ransomware attack. U.S. immigration enforcement resumed a spyware contract and Baltimore lost $1.5 million to BEC.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, noting that there is evidence of them being exploited in the wild

Seven-year-old Cisco vuln that remains inexplicably unpatched is their way in The US State Department has put a $10 million bounty on the heads of three Russians accused of being intelligence agents hacking America's critical infrastructure - primarily via old Cisco kit, it seems.…

Bank Info Security 10 months, 2 weeks ago

EU Court Preserves EU-US Data Privacy Framework

The EU General Court Gives Victory to Backers of Trans-Atlantic Data FlowsThe European Union General Court on Wednesday dismissed a plea by a French politician to annul the legal framework underpinning commercial data flows across the Atlantic, rejecting claims that a U.S. intelligence agency oversight body is not independent of the federal government.

Bleeping Computer 10 months, 2 weeks ago

US offers $10 million bounty for info on Russian FSB hackers

The U.S. Department of State is offering a reward of up to $10 million for information on three Russian Federal Security Service (FSB) officers involved in cyberattacks targeting U.S. critical infrastructure organizations on behalf of the Russian government. [...]

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation

The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google warns the breach goes far beyond access to Salesforce data, noting the hackers responsible also stole valid authentication tokens for hundreds of online services that customers can integrate with Salesloft, including Slack, Google Workspace, Amazon S3, Microsoft Azure, and OpenAI.