Mandiant Highlights Russian and Chinese Cyber Threats to NATO on Eve of 75th Anniversary Summit

July 8, 2024 at 02:28PM Cyber threats against NATO are on the rise, with primary adversaries being Russian and Chinese nation state actors, financially motivated criminal activity, and ideologically driven hacktivists. APT29, COLDRIVER, and APT44 are Russian state actors involved in cyber espionage and hybrid warfare. Chinese espionage has focused on using zero-day vulnerabilities and … Read more

CISA Conducts First AI Cyber Incident Response Exercise

June 17, 2024 at 10:14AM The US cybersecurity agency CISA conducted a tabletop exercise with the private sector focused on responding to AI cybersecurity incidents. Led by the JCDC, the exercise simulated a cyberattack involving an AI-enabled system, aiming to identify information sharing opportunities, engagement protocols, collaboration areas, and best practices. Lessons learned will be … Read more

OpenAI Appoints Former NSA Director Paul Nakasone to Board of Directors

June 14, 2024 at 10:27AM Retired U.S. Army General and former NSA Director Paul M. Nakasone has joined the Board of Directors and Safety and Security Committee at OpenAI. His cybersecurity insights will contribute to understanding AI’s role in strengthening cybersecurity. Nakasone’s experience aligns with OpenAI’s mission to ensure safe and beneficial artificial general intelligence. … Read more

In Other News: Apple WPS Surveillance, Canadian Gov Wants Backdoors, NIST AI Program

May 31, 2024 at 09:36AM SecurityWeek compiles important cybersecurity news, highlighting impactful stories. Recent articles cover threats like abusing BitLocker for ransomware, critical data exposure in India, AI-as-a-service vulnerability, and surveillance using Wi-Fi-based positioning systems. Additionally, a memorandum of understanding aims to boost electric sector cybersecurity, while cyberspying targets political entities in multiple regions. Based … Read more

LockBit dethroned as leading ransomware gang for first time post-takedown

May 22, 2024 at 07:03AM After the takedown of LockBit in February, rival gang Play has surpassed it in attacks, marking a shift after eight months of LockBit dominance. Law enforcement’s disruption claims seem validated as LockBit’s attacks drop significantly. Global ransomware activity decreased by 15% month-on-month, with North America and Europe remaining the top … Read more

Cybersec chiefs team up with insurers to say ‘no’ to ransomware bullies

May 14, 2024 at 12:20PM The UK’s National Cyber Security Centre (NCSC) collaborated with insurance associations to release a guidance book aimed at preventing organizations from quickly paying ransomware demands. The book provides recommendations and advises against paying ransoms, as it reinforces cybercriminals’ activities. This initiative is viewed as a temporary solution while discussions about … Read more

Fileless Attacks Prompt Intel’s Next-Gen Security

April 12, 2024 at 02:46PM Trend is fortifying its endpoint solutions to detect fileless attacks early by integrating Intel Threat Detection Technology, providing greater scalability and resiliency. Trend’s Worry-Free Business Solution will be the first to incorporate this technology, followed by Trend Apex One and Trend Vision One™. This collaboration sets a new standard for … Read more

Collaboration Needed to Fight Ransomware

April 1, 2024 at 10:10AM A global proactive and collaborative cybersecurity approach, beyond public/private partnerships, is essential to combat professional ransomware gangs. Based on the meeting notes, the key takeaway is that a global proactive and collaborative approach to cybersecurity is vital in combating the growing threat of professional ransomware gangs, going beyond traditional public/private … Read more

What Cybersecurity Chiefs Need From Their CEOs

March 4, 2024 at 10:08AM CEOs and their CISOs should be natural partners in combating cyber threats, but only 30% of CISOs feel supported by their CEO, leading to high work-related stress and turnover. To support their CISOs, CEOs should ensure direct communication, empower their CISOs, collaborate on resilience strategy, and agree on AI’s impact, … Read more

How Hospitals Can Help Improve Medical Device Data Security

February 8, 2024 at 10:06AM Hospitals and medical device manufacturers must collaborate to protect personal health information from cyber threats. This shared responsibility model requires manufacturers to embed security controls in products, while hospitals ensure their proper use. Manufacturers provide guidelines and materials for hospitals to optimize security measures. Collaboration is vital to maintain a … Read more