Governance, Risk and ComplianceBritain moves to tamper down cybersecurity rowShaun NicholsAugust 14, 2024The idea of an international standard for “cyber deception” has turned into a contentious subject, and the UK government has taken up the challenge.
RansomwareRansomware recap: Top threat actors, exploited vulnerabilities in H1 2024Laura FrenchAugust 14, 20242024 saw a shakeup in the top six gangs, which account for half of all claimed breaches.
Data SecurityTexas sues General Motors over collection, sale of driver dataStephen WeigandAugust 14, 2024The attorney general for Texas sued General Motors, claiming that the automaker is illegally collecting and selling customer data from 1.5 million Texans.
Data SecurityHow to prepare for NIST’s new post-quantum cryptography guidelinesSteve ZurierAugust 14, 2024NIST has made clear that while there’s no need to panic, organizations need to start making plans to transition to post-quantum cryptography.
Cloud SecurityAre your GitHub Action artifacts leaking tokens?Laura FrenchAugust 13, 2024Palo Alto research found many open-source projects can be compromised through public artifacts.
AI/MLMicrosoft Azure AI assistants can be tricked to turn over patient dataShaun NicholsAugust 13, 2024Microsoft Azure chatbots charged with handling personal medical data could be tricked into handing over personal data for hundreds of customers.
Vulnerability ManagementMicrosoft patches 9 zero-days, 6 exploited in the wildSteve ZurierAugust 13, 2024In addition to Microsoft patches, Adobe also addressed 71 CVEs across its products.
Network SecurityGoogle deactivates AdSense for Russian websitesShaun NicholsAugust 12, 2024Google has cut off business ties with Russian websites by deactivating AdSense accounts effective in August.
Network SecurityFreeBSD releases new patch for regreSSHion-related RCE flawLaura FrenchAugust 12, 2024The OpenSSH vulnerability in the operating system could enable remote code execution with root privileges.
Data Security48 types of PII targeted in East Valley Institute of Technology breachSteve ZurierAugust 12, 2024Data of more than 208,000 students potentially impacted in January breach.
Here’s why it’s important to take CISA’s ‘Secure by Design Pledge’ seriouslyNadir IzraelAugust 13, 2024