Continuous Monitoring and Protection
Scams As AI-powered voice cloning turbocharges imposter scams, we sit down with ESET’s Jake Moore to discuss how to hang up on ‘hi-fi’ scam calls – and what the future holds for deepfake detection Cameron Camp 23 Jan 2024 • , 4 min. read Would you fall for a faked call from your CEO asking you to wire money? As our colleague Jake Moore found out, you might. As computers with spare compute cycles get…
Read MoreIt’s been four years since the release of The NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0. Since then, many organizations have found it highly valuable for building or improving their privacy programs. We’ve also been able to add a variety of resources to support its implementation. Credit: NIST We’re proud of how much has been accomplished in just a few short years, but we’re not resting on our…
Read MoreCisco released a security advisory to address a vulnerability (CVE-2024-20253) affecting multiple Unified Communications Products. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Cisco Unified Communications Products Remote Code Execution Vulnerability advisory and apply the necessary updates.
Read MoreOur first post in the series introduced the concept of federated learning—an approach for training AI models on distributed data by sharing model updates instead of training data. At first glance, federated learning seems to be a perfect fit for privacy since it completely avoids sharing data. However, recent work on privacy attacks has shown that it’s possible to extract a surprising amount of information about the training data, even when federated learning is used.…
Read MoreCISA has collaborated with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) on Engaging with Artificial Intelligence—joint guidance, led by ACSC, on how to use AI systems securely. The following organizations also collaborated with ACSC on the guidance: Federal Bureau of Investigation (FBI) National Security Agency (NSA) United Kingdom (UK) National Cyber Security Centre (NCSC-UK) Canadian Centre for Cyber Security (CCCS) New Zealand National Cyber Security Centre (NCSC-NZ) and CERT NZ Germany Federal…
Read MoreVideo The job of a CISO is becoming increasingly stressful as cybersecurity chiefs face overwhelming workloads and growing concerns over personal liability for security failings 19 Jan 2024 The job of a chief information security officer (CISO) is becoming increasingly stressful, to the point that some security leaders are seeking out more peaceful career paths. Indeed, as many as 46 percent of CISOs are considering leaving cybersecurity, according to a recent survey. This comes as…
Read MoreA Canadian man who says he’s been falsely charged with orchestrating a complex e-commerce scam is seeking to clear his name. His case appears to involve “triangulation fraud,” which occurs when a consumer purchases something online — from a seller on Amazon or eBay, for example — but the seller doesn’t actually own the item for sale. Instead, the seller purchases the item from an online retailer using stolen payment card data. In this scam,…
Read MoreCISA has issued Emergency Directive (ED) 24-01 Mitigate Ivanti Connect Secure and Ivanti Policy Secure Vulnerabilities in response to active vulnerabilities in the following Ivanti products: Ivanti Connect Secure and Ivanti Policy Secure. ED 24-01 directs all Federal Civilian Executive Branch (FCEB) agencies running Ivanti Connect Secure and Ivanti Policy Secure to: Implement the mitigations as detailed in the ED. Report indications of compromise to CISA. Remove compromised products from agency networks and follow the…
Read MoreScams Phone fraud takes a frightening twist as fraudsters can tap into AI to cause serious emotional and financial damage to the victims Phil Muncaster 18 Jan 2024 • , 4 min. read It’s every parent’s worst nightmare. You get a call from an unknown number and on the other end of the line hear your child crying out for help. Then their ‘kidnapper’ comes on the line demanding a ransom or you will never…
Read MoreToday, CISA, the Federal Bureau of Investigation (FBI), and the Environmental Protection Agency released a joint Incident Response Guide for the Water and Wastewater Systems (WWS) Sector. The guide includes contributions from over 25 WWS Sector organizations spanning private industry, nonprofit, and government entities. This coordination enabled CISA, FBI, and EPA to develop a guide with meaningful value to WWS Sector organizations. Specifically, the guide provides information about the federal support available at each stage…
Read More