How Major Companies Are Honoring Cybersecurity Awareness Month

October 8, 2024 at 01:04PM Cybersecurity Awareness Month promotes security best practices and empowers organizations to create a culture of security. Companies like AWS, IBM, Intuit, SentinelOne, and Gallo use this month to educate, engage, and inspire their employees and communities. Programs include online and physical security training, expert-led discussions, and educational initiatives for students. … Read more

Beyond Immature Rhetoric: The Case Against Mockery and Ambulance Chasing in the Security Industry

September 11, 2024 at 10:06AM The 2017 SecurityWeek article discussed the detrimental effects of “Ambulance Chasing” and mocking in the security community. It emphasizes the need for constructive dialogue, maturity, and empathy during crises. It urges security professionals to avoid these harmful practices and focus on learning, improving, and building partnerships to better protect enterprises. … Read more

Microsoft Convenes Endpoint Security Firms Following CrowdStrike Incident

August 27, 2024 at 09:30AM Microsoft is hosting the Windows Endpoint Security Ecosystem Summit to address security and resilience following the disruptive CrowdStrike incident. The summit aims to outline short- and long-term actions for user protection, with a focus on improving security, safe deployment practices, and resiliency. Discussions will include the impact of kernel access … Read more

Well-Established Cybercriminal Ecosystem Blooming in Iraq

July 15, 2024 at 01:48PM A sophisticated criminal network based in Iraq has been uncovered, revolving around a Telegram bot with over 90,000 messages mainly in Arabic. Checkmarx researchers found the bot to be central to a larger cybercriminal ecosystem offering various illicit services. They also discovered malicious Python packages on PyPI facilitating data theft, … Read more

NIST updates Cybersecurity Framework after a decade of lessons

February 27, 2024 at 01:50PM NIST has released version 2.0 of its Cybersecurity Framework (CSF), expanding its scope to offer security tips for all organizations. Newly introduced resources include quick-start guides, implementation examples, and a new core risk management function called “govern.” NIST plans to continue enhancing the framework and encourages users to share feedback … Read more

Establishing Reward Criteria for Reporting Bugs in AI Products

December 15, 2023 at 06:16PM Google has expanded its Bug Hunters program to include third-party discovery and reporting of issues and vulnerabilities specific to its AI systems. The program includes rewards for various attacks, model manipulations, adversarial perturbations, and model theft/exfiltration. Rewards are based on severity and target affected. To report a qualifying issue, visit … Read more