CISA warns water facilities to secure HMI systems exposed online

December 13, 2024 at 02:36PM CISA and the EPA have issued a warning to water facilities to protect Internet-exposed Human Machine Interfaces (HMIs) from potential cyberattacks, emphasizing the importance of security measures to safeguard these critical systems. **Meeting Takeaways:** 1. **Warning Issued**: CISA and the EPA have issued a warning regarding the security of water … Read more

U.S. org suffered four month intrusion by Chinese hackers

December 5, 2024 at 05:20PM A major U.S. organization with a strong presence in China experienced a data breach by China-based threat actors, who infiltrated its networks and maintained access from April to August 2024. **Meeting Notes Takeaways:** 1. **Incident Overview**: A large U.S. organization with a strong presence in China has experienced a security … Read more

Hackers exploit critical bug in Array Networks SSL VPN products

November 26, 2024 at 08:27AM America’s Cyber Defense Agency has identified hackers exploiting a remote code execution vulnerability in SSL VPN products from Array Networks AG and vxAG ArrayOS. **Meeting Takeaways:** 1. **Subject Matter:** America’s Cyber Defense Agency (ACDA) is addressing a significant security threat. 2. **Vulnerability Identified:** There is a remote code execution vulnerability … Read more

Britain Putin up stronger AI defences to counter growing cyber threats

November 26, 2024 at 01:39AM The UK government has established a Laboratory for AI Security Research (LASR) to combat AI-driven cyber threats from Russia, emphasizing the need for resilience. The initiative includes £8.22 million in funding and collaboration with various national agencies, aiming to strengthen defenses against evolving cyber warfare tactics. ### Meeting Takeaways **Formation … Read more

Leaky Cybersecurity Holes Put Water Systems at Risk

November 22, 2024 at 11:53AM Nearly 100 large community water systems in the U.S. possess serious cybersecurity vulnerabilities, risking water supply for 27 million Americans. Despite regulations, financial and resource constraints hinder proper security measures. Cyberattacks from various groups have targeted water systems, emphasizing a critical need for improved investment and security practices in this … Read more

RSA Conference 2025 Innovation Sandbox Contest Celebrates 20th Anniversary

November 21, 2024 at 05:22PM Starting in April 2025, RSA Conference will provide $5 million in funding to the Top 10 Finalists of the Innovation Sandbox contest, enhancing innovation against cybersecurity threats. The contest, celebrating its 20th anniversary, showcases startups and has significantly influenced the cybersecurity landscape, helping participants secure substantial investments. ### Meeting Takeaways … Read more

Chinese APT Gelsemium Deploys ‘Wolfsbane’ Linux Variant

November 21, 2024 at 03:32PM Recent modifications to Chinese backdoors, particularly Gelsemium’s new tools Wolfsbane and Firewood, target Linux systems, marking a significant shift in malware development. As organizations increasingly adopt Linux, experts highlight a surge in Linux-based cyber threats, with 54% of endpoint attacks affecting Linux in 2023. ### Meeting Takeaways 1. **Emergence of … Read more

SWEEPS Educational Initiative Offers Application Security Training

November 19, 2024 at 10:45PM The SWEEPS initiative, funded by a $2.5 million grant, aims to enhance secure coding skills among software developers through workshops, courses, and bootcamps. Targeting all career stages, it addresses the skills gap in software security, promoting best practices to defend against cyberattacks. Enrollment prioritizes U.S. citizens with military backgrounds. **Meeting … Read more

Join in the festive cybersecurity fun

November 19, 2024 at 04:16AM The 2024 SANS Holiday Hack Challenge, starting on November 7, features eight weeks of gamified cyber exercises. Participants can tackle various challenges across skill levels, with a live scoreboard for tracking progress. Winners receive prizes like free courses and subscriptions. Sign up for updates and further details online. ### Meeting … Read more

Why the Demand for Cybersecurity Innovation Is Surging

November 18, 2024 at 10:05AM The cybersecurity landscape is evolving rapidly, driven by increasing threats and the exploitation of AI by cybercriminals. Companies are significantly raising cybersecurity budgets, yet attacks continue to escalate. As specialized solutions are in demand, companies that harness emerging technologies to enhance security will likely experience substantial growth in the sector. … Read more