| FRIDAY, OCT. 10, 2025 | Congress is taking another shot at an information-sharing bill. SonicWall has a big update to its recent breach. And we hear what it's like to go through the FedRAMP process. This is CyberScoop for Friday, October 10. |
|
|
U.S. Sen. Gary Peters, D-Mich., leaves a Senate Democratic meeting at the U.S. Capitol Building on Oct. 3, 2025. (Photo by Kevin Dietsch/Getty Images) |
|
|
An attempt to revive the information-sharing billSen. Gary Peters has introduced the Protecting America from Cyber Threats (PACT) Act to retroactively reinstate and extend the now-expired Cybersecurity and Information Sharing Act of 2015 (CISA 2015), which offers liability protections for organizations sharing cyber threat information. The proposed legislation aims to provide long-term certainty for industry and government amid confusion and political disagreements over reauthorization and the CISA agency’s role. The lapse in the law has raised concerns among cybersecurity professionals, who stress the need for stable information-sharing protections to maintain effective cybersecurity operations. Tim Starks has more. |
|
|
1Password ebook: Why MDM isn’t enough for device security
MDM is often a compliance necessity, but it’s just one piece of the endpoint security puzzle. Your MDM needs help. And your security team needs solutions that can manage the risks that MDM can’t. Device trust solutions can provide granular insights across your fleet and resolve critical risks that MDMs can’t see, such as: - Plaintext SSH keys
- Malicious browser extensions
- Noncompliant BYOD
And that’s just the beginning. Check out 1Password’s ebook to learn how your team can go beyond MDM. Read the ebook!
|
|
|
SonicWall comes cleanA brute-force attack on SonicWall’s cloud backup service exposed firewall configuration files—including encrypted passwords, firewall rules, and routing data—for every customer using the service, prompting criticism of the company’s lack of basic security controls. While SonicWall previously claimed less than 5% of its firewall install base used the cloud service, it has since removed that detail, and the breach is seen as particularly concerning given the sensitive data involved and the company’s history of vulnerabilities exploited in ransomware campaigns. SonicWall has notified affected customers, released remediation tools, and is working with Mandiant to strengthen its cloud infrastructure security, but experts warn exposed encrypted credentials could be cracked offline or aid future targeted attacks. Matt has more here. |
|
|
|
What's it like to go through the FedRAMP process?This week on Safe Mode, we talk with Scott Montgomery, VP of Federal at Island, about the realities of achieving FedRAMP authorization. Scott demystifies the often daunting FedRAMP process, shares lessons learned from real-world experience, and reveals the biggest pitfalls organizations face. From data sensitivity requirements to the growing importance of automation in security compliance, this episode is essential listening for anyone navigating federal cloud standards or considering a move into the government tech space. Listen here. |
|
|
1Password ebook: Why MDM isn’t enough for device security
MDM is often a compliance necessity, but it’s just one piece of the endpoint security puzzle. Your MDM needs help. And your security team needs solutions that can manage the risks that MDM can’t. Device trust solutions can provide granular insights across your fleet and resolve critical risks that MDMs can’t see, such as: - Plaintext SSH keys
- Malicious browser extensions
- Noncompliant BYOD
And that’s just the beginning. Check out 1Password’s ebook to learn how your team can go beyond MDM. Read the ebook!
|
|
|
Comments
Post a Comment
Please leave a comment about our recent post.