CyberSecurity Updates

16 Feb

The art of digital sleuthing: How digital forensics unlocks the truth

Information

The burgeoning field of digital forensics plays a crucial role in investigating a wide range of cybercrimes and cybersecurity incidents. Indeed, in our technology-centric world, even investigations of ‘traditional’ crimes often include an element of digital evidence that is waiting to be retrieved and analyzed. This art of uncovering, analyzing and interpreting digital evidence has seen substantial growth particularly in investigations involving various kinds of fraud and cybercrime, tax evasion, stalking, child exploitation, intellectual property…

Read More
16 Feb

All eyes on AI | Unlocked 403: A cybersecurity podcast

Information

Video Artificial intelligence is on everybody’s lips these days, but there are also many misconceptions about what AI actually is and isn’t. We unpack the basics and examine AI’s broader implications. Alžbeta Kovaľová 15 Feb 2024 Artificial intelligence (AI) is clearly the topic du jour as technologies that fall under the umbrella term of AI become increasingly woven into the fabric of our everyday lives. But what do we actually talk about when we talk…

Read More
15 Feb

CISA and MS-ISAC Release Advisory on Compromised Account Used to Access State Government Organization

Attacks, Insights, Malware

Today, CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization to provide network defenders with the tactics, techniques, and procedures (TTPs) utilized by a threat actor and methods to protect against similar exploitation. Following an incident response assessment of a state government organization’s network environment, analysis confirmed compromise through network administrator credentials of a former employee.…

Read More
14 Feb

Deepfakes in the global election year of 2024: A weapon of mass deception?

Information

Digital Security As fabricated images, videos and audio clips of real people go mainstream, the prospect of a firehose of AI-powered disinformation is a cause for mounting concern Phil Muncaster 13 Feb 2024  •  , 5 min. read Fake news has dominated election headlines ever since it became a big story during the race for the White House back in 2016. But eight years later, there’s an arguably bigger threat: a combination of disinformation and…

Read More
14 Feb

U.S. Internet Leaked Years of Internal, Customer Emails

Data Breaches, Information, Insights

The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing more than a decade’s worth of its internal email — and that of thousands of Securence clients — in plain text out on the Internet and just a click away for anyone with a Web…

Read More
14 Feb

NIST Celebrates National Entrepreneurship Week

Insights

What is National Entrepreneurship (NatlEshipWeek) Week?  Celebrated February 10-17, 2024, “NatlEshipWeek is a congressionally chartered week dedicated to empowering entrepreneurship across the United States. The annual initiative was relaunched in 2017 as NatlEshipWeek to bring together a network of partners from Maui to Miami to educate, engage, and build equitable access to America’s Entrepreneurship Ecosystem.” Follow along online with #NatlEshipWeek. You can learn more about the initiative here: https://www.natleshipweek.org/about. Supporting Entrepreneurship is at the Heart of NIST’s…

Read More
13 Feb

Fat Patch Tuesday, February 2024 Edition

Information, Insights

Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks. Top of the heap on this Fat Patch Tuesday is CVE-2024-21412, a “security feature bypass” in the way Windows handles Internet Shortcut Files that Microsoft says is being targeted in active exploits. Redmond’s advisory for this bug says an attacker would need…

Read More
12 Feb

Priorities of the Joint Cyber Defense Collaborative for 2024

Attacks, Insights, Malware

Today, CISA—on behalf of the collective group of industry and government partners that comprise the Joint Cyber Defense Collaborative (JCDC)—released JCDC’s 2024 Priorities. Similar to the 2023 JCDC Planning Agenda, JCDC’s 2024 Priorities will help focus the collective group on developing high-impact and collaborative solutions to the most pressing cybersecurity challenges. Resulting from the trusted partnerships the collaborative has fostered, the focused goals of the 2024 priorities are to: Defend against Advanced Persistent Threat (APT)…

Read More
10 Feb

Ransomware payments hit a record high in 2023 – Week in security with Tony Anscombe

Information

Video, Ransomware Called a “watershed year for ransomware”, 2023 marked a reversal from the decline in ransomware payments observed in the previous year 09 Feb 2024 Ransomware payments in 2023 reached a record-breaking $1.1 billion in 2023, according to an analysis by Chainalysis, a blockchain research firm. Calling 2023 a “watershed year for ransomware”, Chainalysis also said that last year marked a reversal from the decline observed in 2022, when the payments were “only” half…

Read More
09 Feb

The buck stops here: Why the stakes are high for CISOs

Information

Business Security Heavy workloads and the specter of personal liability for incidents take a toll on security leaders, so much so that many of them look for the exits. What does this mean for corporate cyber-defenses? Phil Muncaster 08 Feb 2024  •  , 5 min. read Cybersecurity is finally becoming a board-level issue. That’s as it should be, given the increasingly important role cyber-risk management plays in strategic decision making. Cyber-risk is fundamentally a core…

Read More