The Role of the CISO in Digital Transformation
A successful CISO should play a leading role in digital transformation and cloud migration initiatives in their organization. The CISO is responsible for making sure technical security controls are de...
https://www.darkreading.com/cloud-security/the-role-of-the-ciso-in-digital-transformation
General Electric, DARPA Hack Claims Raise National Security Concerns
Weapons systems data, AI research, and other classified information may be up for sale, not to mention access to other government agencies.
Cyber Threats to Watch Out for in 2024
As cyber threats evolve in 2024, organizations must prepare for deepfakes, extortion, cloud targeting, supply chain compromises, and zero day exploits. Robust security capabilities, employee training,...
https://www.darkreading.com/cyber-risk/cyber-threats-to-watch-out-for-in-2024
CISA, NCSC Offer a Road Map, Not Rules, in New Secure AI Guidelines
US and UK authorities issued new recommendations for companies that build and rely on AI, but they stop short of laying down the law.
Ardent Health Hospitals Disrupted After Ransomware Attack
More than two dozen hospitals have been impacted by the breach and are diverting emergency care for patients to other healthcare facilities.
Data De-Identification: Balancing Privacy, Efficacy & Cybersecurity
Companies must do a delicate dance between consumer privacy protection, upholding their product's efficacy, and de-risking cyber breaches to run the business.
Hamas-Linked APT Wields New SysJoker Backdoor Against Israel
Gaza Cybergang is using a version of the malware rewritten in the Rust programming language.
'Randstorm' Bug: Millions of Crypto Wallets Open to Theft
The security vulnerability in a component of a widely used JavaScript implementation of Bitcoin makes passwords guessable via brute-force attacks.
Consumer Software Security Assessment: Should We Follow NHTSA's Lead?
Vehicles are required to meet basic safety standards. Having similar requirements for software would give consumers greater control over their privacy and security.
Despite Hype, the Password-Free Workplace Is Still a Long Way Off
More than half of organizations are nowhere near ditching passwords, even as cyberattackers continue to have a field day with workers' poor credential choices.
Unpatched Critical Vulnerabilities Open AI Models to Takeover
The security holes can allow server takeover, information theft, model poisoning, and more.
Actions to Take to Defeat Initial Access Brokers
Initial access brokers (IAB) are often difficult to track. This Tech Tip spells out some countermeasures enterprises need to defend against stolen credentials.
https://www.darkreading.com/threat-intelligence/actions-to-take-to-defeat-initial-access-brokers
Detection & Response That Scales: A 4-Pronged Approach
Building a resilient incident response team requires more than a simple combination of tools and on-call rotations.
https://www.darkreading.com/endpoint-security/detection-response-that-scales-a-4-pronged-approach
IT Pros Worry Generative AI Will Be a Major Driver of Cybersecurity Threats
More than two-thirds of cybersecurity decision-makers say GenAI will open new avenues for attack for their businesses.
Dangerous Apache ActiveMQ Exploit Allows Stealthy EDR Bypass
There's no time to waste: For organizations on the fence about patching the critical bug in ActiveMQ, the new proof-of-concept exploit should push them towards action.
Hands Off the Security Budget! Find Efficiencies to Reduce Risk
Security budgets will benefit from new priorities, streamlined responses rather than wholesale cost-cutting in light of cyberattacks and increased regulatory requirements.
British Library Confirms Ransomware Attack Caused Outages
The library said that it expects many of its services to be restored in the forthcoming weeks.
CompTIA Advises Retailers to Check their Cybersecurity Preparedness Ahead of the Holiday Shopping Season
Shadowy Hack-for-Hire Group Behind Sprawling Web of Global Cyberattacks
For several years operators at New Delhi-based Appin hacked into, spied on, and stole data from targets around the world for clients that included private investigators, government agencies, law enfor...
Scattered Spider Casino Hackers Evade Arrest in Plain Sight
The feds seem to know all about the hacking group brazenly breaking into corporate networks; so why are enterprise teams left on their own to stop their cybercrimes?