DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
The “Bad Likert Judge” jailbreaking technique boasts a high attack success rate by using a three-step approach which employs the target LLM’s own understanding of harmful content to bypass the target LLM’s safety guardrails....more
The Biden-Harris Administration is redoubling its efforts to improve cybersecurity for the nation’s water systems. In March, the EPA and the White House issued a dire warning to state governors alerting them of the need to...more
In the hyper-connected era of smart manufacturing, accelerated by “Industry 4.0,” the manufacturing sector is undergoing a digital revolution. By leveraging technologies such as advanced automation, artificial intelligence,...more
On May 16, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released three advisories applicable to Industrial Control Systems (ICS). The Alerts cover vulnerabilities of Snap One OvrC Cloud, Rockwell...more
The FBI, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) recently released a joint cybersecurity advisory, warning organizations about indicators of compromise, and tactics, techniques, and...more
CYBERSECURITY - World Economic Forum’s Global Cybersecurity Outlook for 2023 Is Bleak - Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global...more
Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global Cybersecurity Outlook 23 Insight Report (published in collaboration with Accenture), although...more
The Health Care Sector Cybersecurity Coordination Center (IC3) recently released an Analyst’s Note to health care organizations providing information on a new variant of ransomware called Venus (also known as GOODGAME)....more
CYBERSECURITY - Joint Advisory Outlines Attacks by Daixin Team - The Cybersecurity & Infrastructure Security Agency, the FBI and the U.S. Department of Health & Human Services released a Joint Advisory last week warning...more
When was the last time your company’s software was updated? If it was more than six months ago, your cybernetwork is at serious risk of exposure by hackers and you may be at risk of not complying with the new, 72-hour...more
A joint advisory issued June 7, 2022, by the Cybersecurity & Infrastructure Security Agency, FBI and the National Security Agency entitled “People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and...more
This week the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) issued a “SHIELDS UP” advisory. While it does not identify specific threats in the advisory, CISA states that the “Russian...more
U.S. officials this week warned government agencies, cybersecurity personnel, and operators of critical infrastructure that Russia might launch cyber-attacks against Ukrainian and U.S. networks at the same time it launches...more
It was a crazy weekend for cyberattacks. People seem surprised, but those of us in the industry aren’t surprised one bit. It is very logical and foreseeable that hackers are leveraging attacks that have maximum disruption on...more
A widely reported flaw in popular software known as Log4j poses a severe cybersecurity threat to organizations around the globe, with hundreds of millions of devices at risk. Over the past week, government agencies,...more
This week, both Apple and Microsoft issued patches to fix serious zero-day vulnerabilities that should be applied as soon as possible. That means that if you have an iPhone or iPad, you may want to plug your phone or iPad in...more
On September 22, 2021, the Federal Bureau of Investigations (FBI), the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) issued a cybersecurity advisory alerting companies to the...more
State and local governments have been hammered with business email compromise (BEC) attacks over the past few years and the onslaught does not appear to be abating....more
The threat-related statistics of malware and ransomware are mind-boggling. We have regularly reported on the dramatic increase of ransomware, but the statistics on successful exploitation and botnet activities are just as...more
Secureworks issues an annual Incident Response Report that is very helpful in obtaining information on what types of incidents are occurring in order to become more resistant to threats. The 2020 IR Report was recently...more
The Ponemon Institute recently issued its 2020 Cost of insider Threats Global Report, which finds that the frequency and cost of insider threats is continued to increase. Sponsored by ObserveIT and IBM, the 2020 report is the...more
The Federal Bureau of Investigation (FBI) is warning of a heightened likelihood of Iranian cyber-attacks following the escalation of tension between the U.S. and Iran. This follows the warning last week by the Department of...more
After the killing of Qassem Soleimani on January 3, 2020, by the U.S. government, the cybersecurity news industry has been abuzz about whether Iran will engage in cyber terrorism, and if so, to what degree, as part of its...more
The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020 alerting the public that Iran poses a cyber terrorism threat to the United States...more
On the heels of an FDA committee report concerning cybersecurity issues with medical devices, the U.S. Food and Drug Administration (FDA) issued an alert regarding cybersecurity vulnerabilities, referred to as “URGENT/11,”...more