6 CISO Takeaways From the NSA's Zero-Trust Guidance
All companies — not just federal agencies — should aim to adopt the "network and environment" pillar of the National Security Agency's zero-trust guidelines.
https://www.darkreading.com/cybersecurity-operations/6-ciso-takeaways-nsa-zero-trust-guidance
ChatGPT vs. Gemini: Which Is Better for 10 Common Infosec Tasks?
Compare how well OpenAI's and Google's generative AI products handle infosec professionals' top 10 tasks.
Expel Releases Updated Toolkit in Response to NIST 2.0
Red Canary Announces Full Coverage of All Major Cloud Providers
Nozomi Networks Secures $100M Investment to Defend Critical Infrastructure
Fortinet Warns of Yet Another Critical RCE Flaw
CVE-2024-48788, like many other recent Fortinet flaws, will likely be an attractive target, especially for nation-state backed actors.
https://www.darkreading.com/vulnerabilities-threats/fortinet-warns-of-yet-another-critical-rce-flaw
FCC Approves Voluntary Cyber Trust Labels for Consumer IoT Products
Here's what IoT device manufacturers need to know to earn a cybersecurity stamp of approval from the government.
https://www.darkreading.com/ics-ot-security/fcc-approves-voluntary-cyber-trust-labels-iot-products
Alabama Under DDoS Cyberattack by Russian-Backed Hacktivists
The hacktivist group Anonymous Sudan claims credit for a cyberattack that disrupted Alabama state government earlier this week.
TikTok Ban Raises Data Security, Control Questions
Approved by the House and moving on to the Senate, the potential ban points up the porousness of governmental control in the digital age.
https://www.darkreading.com/cyber-risk/tiktok-ban-raises-data-security-control-questions
Malawi Passport System Back Online After Debilitating Cyberattack
Passport printing and distribution will resume first in Lilongwe as the immigration system gets back on its feet.
How to Identify a Cyber Adversary: What to Look For
There are many factors involved in attributing a cyber incident to a specific threat actor.
Windows SmartScreen Bypass Flaw Exploited to Drop DarkGate RAT
Attackers use Google redirects in their phishing attack leveraging a now-patched vulnerability that spreads the multifaceted malware.
10 Tips for Better Security Data Management
CISOs must build out their security data management and security data architecture to get the most out of their security data for the least amount of investment.
https://www.darkreading.com/cybersecurity-analytics/10-tips-for-better-security-data-management
150K+ UAE Network Devices & Apps Found Exposed Online
Misconfigurations, insecure services leave United Arab Emirates organizations and critical infrastructure vulnerable to bevy of cyber threats.
https://www.darkreading.com/threat-intelligence/150kplus-uae-network-devices-apps-exposed-online
Codezero Raises $3.5M Seed Funding From Ballistic Ventures to Secure Multicloud Application Development
Claroty Team82: 63% of Known Exploited Vulnerabilities Tracked by CISA Are on Healthcare Organization Networks
Claroty Launches Advanced Anomaly Threat Detection for Medigate
ChatGPT Spills Secrets in Novel PoC Attack
Research is latest in a growing body of work to highlight troubling weaknesses in widely used generative AI tools.
Yacht Retailer MarineMax Files 'Cyber Incident' with SEC
The Florida-based boat purveyor's operations were seemingly minimally disrupted and "not material," but it's filing an SEC notice anyway.
Heated Seats? Advanced Telematics? Software-Defined Cars Drive Risk
Car-makers are offering all kinds of over-the-air subscriptions and features, many of which benefit the businesses that use them. But it also opens up a wider attack surface for vehicle attackers.