How to choose secure, verifiable technologies?

The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has published a guidance document titled Choosing Secure and Verifiable Technologies, compiled to assist organizations in making informed decisions when procuring softwa… Continue reading How to choose secure, verifiable technologies?

UK Cyber Risks Are ‘Widely Underestimated,’ Warns Country’s Security Chief

Richard Horne, the head of the U.K.’s National Cyber Security Centre, says that hostile activity has “increased in frequency, sophistication and intensity.” Continue reading UK Cyber Risks Are ‘Widely Underestimated,’ Warns Country’s Security Chief

Protecting national interests: Balancing cybersecurity and operational realities

With cyber threats becoming increasingly sophisticated and targeting critical infrastructure, in this Help Net Security interview, David Ferbrache, managing director of Beyond Blue, discusses the current state of cybersecurity readiness and resilience…. Continue reading Protecting national interests: Balancing cybersecurity and operational realities

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)

A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on them, Cisco Tal… Continue reading Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)

JCDC’s strategic shift: Prioritizing cyber hardening

In this Help Net Security interview, Geoffrey Mattson, CEO of Xage Security, discusses the evolution of the Joint Cyber Defense Collaborative (JCDC) since its 2021 inception and tackles its 2024 strategic priorities in response to escalating cyber thre… Continue reading JCDC’s strategic shift: Prioritizing cyber hardening

APT29 revamps its techniques to breach cloud environments

Russian threat actors APT29 are changing their techniques and expanding their targets to access cloud environments, members of the Five Eyes intelligence alliance have warned. About APT29 APT29 (aka Midnight Blizzard, aka Cozy Bear) is a cyber espionag… Continue reading APT29 revamps its techniques to breach cloud environments

AI is already being used by ransomware gangs, warns NCSC

In a newly published report, the UK’s National Cyber Security Centre (NCSC) has warned that malicious attackers are already taking advantage of artificial intelligence and that the volume and impact of threats – including ransomware – will increase in … Continue reading AI is already being used by ransomware gangs, warns NCSC

AI expected to increase volume, impact of cyberattacks

All types of cyber threat actor are already using artificial intelligence (AI) to varying degrees, UK National Cyber Security Centre’s analysts say, and predict that AI “will almost certainly increase the volume and heighten the impact of c… Continue reading AI expected to increase volume, impact of cyberattacks

CyberAv3ngers hit Unitronics PLCs at multiple US-based water facilities

Iran-affiliated attackers CyberAv3ngers continue to exploit vulnerable Unitronics programmable logic controllers (PLCs), US and Israeli authorities have said in a joint cybersecurity advisory. CyberAv3ngers targeting Unitronics PLCs CISA has recently c… Continue reading CyberAv3ngers hit Unitronics PLCs at multiple US-based water facilities

Released: AI security guidelines backed by 18 countries

The UK National Cyber Security Centre (NCSC) has published new guidelines that can help developers and providers of AI-powered systems “build AI systems that function as intended, are available when needed, and work without revealing sensitive da… Continue reading Released: AI security guidelines backed by 18 countries