CMMC 2.0: A Roadmap to Compliance with Trustwave 2024-10-01 at 16:01 By The U.S. Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC) 2.0 has passed through the Office of Information and Regulatory Affairs and is now on its way to Congress, set to become law by Q4 2024. With the CMMC becoming official law, its full […]
CMMC 2.0: A Roadmap to Compliance with Trustwave Read More »
California Governor Vetoes Bill to Create First-in-Nation AI Safety Measures 2024-09-30 at 06:16 By Associated Press Gavin Newsom vetoed a landmark bill SB 1047 aimed at establishing first-in-the-nation safety measures for large artificial intelligence models. The post California Governor Vetoes Bill to Create First-in-Nation AI Safety Measures appeared first on SecurityWeek. This article is an
California Governor Vetoes Bill to Create First-in-Nation AI Safety Measures Read More »
2024 Election Threats: Misinformation, Deepfakes, and Cybersecurity 2024-09-27 at 16:01 By Karl Sigler As the intensity of a critical election year builds, the greatest threat isn’t necessarily the security of ballot machines. Instead, it lies in misinformation, amplified by social media, biased algorithms, and the spread of fake news. During the 2020 U.S. presidential election,
2024 Election Threats: Misinformation, Deepfakes, and Cybersecurity Read More »
PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) 2024-09-25 at 17:17 By Zeljka Zorz Details about and proof-of-concept (PoC) exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk (WHD) vulnerability that could be exploited by unauthenticated attackers to remotely read and modify all help desk ticket details, are now public. “When
PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) Read More »
Shedding Light on Election Deepfakes 2024-09-25 at 16:01 By Pauline Bolaños Contrary to popular belief, deepfakes — AI-crafted audio files, images, or videos that depict events and statements that never occurred; a portmanteau of “deep learning” and “fake” — are not all intrinsically malicious. This article is an excerpt from SpiderLabs Blog View Original Source
Shedding Light on Election Deepfakes Read More »
Ban Sought for Chinese, Russian Software and Hardware Used in Autonomous Vehicles on US Roads 2024-09-23 at 17:02 By Associated Press In extreme situations, a foreign adversary could shut down or take simultaneous control of multiple vehicles operating in the United States, causing crashes and blocking roads. The post Ban Sought for Chinese, Russian Software
CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities 2024-09-18 at 15:31 By Ionut Arghire CISA and the FBI have released an alert on XSS vulnerabilities, urging organizations to adopt a secure by design approach and eliminate them. The post CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities appeared first on SecurityWeek. This article is an
CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities Read More »
Ghost: Criminal communication platform compromised, dismantled by international law enforcement 2024-09-18 at 15:16 By Zeljka Zorz Another encrypted communication platform used by criminals has been dismantled and its alleged mastermind arrested, the Australian Federal Police has announced on Tuesday. “AFP Operation Kraken charged a NSW man, aged 32, for creating and administering Ghost, a dedicated
Spam With A Political Twist: Fraudsters Are Exploiting The Election Season 2024-09-17 at 16:01 By The US election is less than 70 days away and threat actors are busy crafting malicious spam that uses candidate names and political themes as social engineering tools to convince recipients to open their emails. This article is an excerpt
Spam With A Political Twist: Fraudsters Are Exploiting The Election Season Read More »
FBI, CISA Warn of Fake Voter Data Hacking Claims 2024-09-16 at 16:46 By Eduard Kovacs Hackers keep making claims about voter information compromise, but the US government says they’re just trying to sow distrust in the elections. The post FBI, CISA Warn of Fake Voter Data Hacking Claims appeared first on SecurityWeek. This article is
FBI, CISA Warn of Fake Voter Data Hacking Claims Read More »
Distributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media 2024-09-13 at 16:01 By Jose Tozo With the US election on the horizon, it’s a good time to explore the concept of social media weaponization and its use in asymmetrically manipulating public opinion through bots, automation, AI, and shady
UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt Controversy 2024-09-13 at 15:01 By Kevin Townsend The designation of UK data centers as Critical National Infrastructure strengthens cyber defenses, but a proposed £3.75B data center on protected Green Belt land sparks debate. The post UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt
UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt Controversy Read More »
Top priorities for federal cybersecurity: Infrastructure, zero trust, and AI-driven defense 2024-09-12 at 07:01 By Mirko Zorz In this Help Net Security, Erica Banks, VP and a leader in Booz Allen’s civilian services business, discusses the Federal Cybersecurity Strategy’s role in safeguarding national assets. Banks outlines key areas for improvement, including funding, talent retention, and
The AI Convention: Lofty Goals, Legal Loopholes, and National Security Caveats 2024-09-10 at 15:16 By Kevin Townsend Signed on September 5, 2024, the AI Convention is a laudable intent but suffers from the usual exclusions and exemptions necessary to satisfy multiple nations. The post The AI Convention: Lofty Goals, Legal Loopholes, and National Security Caveats
The AI Convention: Lofty Goals, Legal Loopholes, and National Security Caveats Read More »
US Gov Removing Four-Year-Degree Requirements for Cyber Jobs 2024-09-06 at 20:31 By SecurityWeek News The US government will remove “unnecessary degree requirements” in favor of skills-based hiring to help fill 500,000 open cybersecurity jobs. The post US Gov Removing Four-Year-Degree Requirements for Cyber Jobs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
US Gov Removing Four-Year-Degree Requirements for Cyber Jobs Read More »
Cybersecurity Threat Briefing for Organizations Under the SOCI in Australia 2024-09-06 at 16:18 By Grant Hutchons The Security of Critical Infrastructure (SOCI) Act in Australia mandates that organizations operating within critical infrastructure sectors implement robust cybersecurity measures to protect against an increasingly diverse and sophisticated range of cyber threats. This article is an excerpt from
Cybersecurity Threat Briefing for Organizations Under the SOCI in Australia Read More »
US Targets Russian Election Influence Operation With Charges, Sanctions, Domain Seizures 2024-09-05 at 12:46 By Eduard Kovacs The US has cracked down on an influence operation sponsored by the Russian government, announcing charges, sanctions and domain seizures. The post US Targets Russian Election Influence Operation With Charges, Sanctions, Domain Seizures appeared first on SecurityWeek. This
US Targets Russian Election Influence Operation With Charges, Sanctions, Domain Seizures Read More »
White House Outlines Plan for Addressing BGP Vulnerabilities 2024-09-04 at 13:46 By Eduard Kovacs The White House has released a roadmap for addressing internet routing (BGP) security issues, mainly through RPKI adoption. The post White House Outlines Plan for Addressing BGP Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed
White House Outlines Plan for Addressing BGP Vulnerabilities Read More »
Protecting national interests: Balancing cybersecurity and operational realities 2024-09-04 at 07:31 By Mirko Zorz With cyber threats becoming increasingly sophisticated and targeting critical infrastructure, in this Help Net Security interview, David Ferbrache, managing director of Beyond Blue, discusses the current state of cybersecurity readiness and resilience. Ferbrache talks about the complexities of managing both traditional
Protecting national interests: Balancing cybersecurity and operational realities Read More »
CMMC 2.0: A New Era of Cybersecurity for the Defense Industrial Base 2024-09-03 at 18:01 By The Cybersecurity Maturity Model Certification (CMMC) framework is undergoing a significant transformation with the introduction of CMMC 2.0. This revamped approach aims to streamline compliance, reduce costs, and enhance the overall security posture of the defense industrial base (DIB). This article is
CMMC 2.0: A New Era of Cybersecurity for the Defense Industrial Base Read More »