October 8, 2024 at 01:04PM Cybersecurity Awareness Month promotes security best practices and empowers organizations to create a culture of security. Companies like AWS, IBM, Intuit, SentinelOne, and Gallo use this month to educate, engage, and inspire their employees and communities. Programs include online and physical security training, expert-led discussions, and educational initiatives for students. … Read more
September 11, 2024 at 10:06AM The 2017 SecurityWeek article discussed the detrimental effects of “Ambulance Chasing” and mocking in the security community. It emphasizes the need for constructive dialogue, maturity, and empathy during crises. It urges security professionals to avoid these harmful practices and focus on learning, improving, and building partnerships to better protect enterprises. … Read more
August 27, 2024 at 09:30AM Microsoft is hosting the Windows Endpoint Security Ecosystem Summit to address security and resilience following the disruptive CrowdStrike incident. The summit aims to outline short- and long-term actions for user protection, with a focus on improving security, safe deployment practices, and resiliency. Discussions will include the impact of kernel access … Read more
July 15, 2024 at 01:48PM A sophisticated criminal network based in Iraq has been uncovered, revolving around a Telegram bot with over 90,000 messages mainly in Arabic. Checkmarx researchers found the bot to be central to a larger cybercriminal ecosystem offering various illicit services. They also discovered malicious Python packages on PyPI facilitating data theft, … Read more
February 27, 2024 at 01:50PM NIST has released version 2.0 of its Cybersecurity Framework (CSF), expanding its scope to offer security tips for all organizations. Newly introduced resources include quick-start guides, implementation examples, and a new core risk management function called “govern.” NIST plans to continue enhancing the framework and encourages users to share feedback … Read more
December 15, 2023 at 06:16PM Google has expanded its Bug Hunters program to include third-party discovery and reporting of issues and vulnerabilities specific to its AI systems. The program includes rewards for various attacks, model manipulations, adversarial perturbations, and model theft/exfiltration. Rewards are based on severity and target affected. To report a qualifying issue, visit … Read more