DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Members of the health care and financial industries, along with other industries that hold sensitive data, are warned that a ChatGPT vulnerability is being actively exploited by threat actors to attack security flaws in AI...more
CYBERSECURITY - Patch, Patch, Patch: Updates for Fortinet, Microsoft, and Adobe Products - Patching vulnerabilities is a difficult task. Keeping up with and patching them without disrupting users’ experience is tricky....more
CYBERSECURITY - HC3 Warns Healthcare Organizations about Akira Ransomware Group - The Health Sector Cybersecurity Coordination Center (HC3) recently warned the health care sector about the Akira ransomware group that...more
CYBERSECURITY CISOs: New Report Outlines Risks of LLMs - I hang out with a lot of Chief Information Security Officers (CISOs), so this piece is for them. Of course, it will be of interest to all security professionals...more
CYBERSECURITY - Mozilla Releases Security Updates for Thunderbird and Firefox - Mozilla recently released security updates to address known vulnerabilities in their Thunderbird and Firefox products. The Cybersecurity &...more
CYBERSECURITY- Mozilla Releases Security Updates for Thunderbird and Firefox - Mozilla recently released security updates to address known vulnerabilities in their Thunderbird and Firefox products. The Cybersecurity &...more
CYBERSECURITY - CISA Launches Cybersecurity - Public Awareness Campaign To kick off the twentieth annual Cybersecurity Awareness Month, the Cybersecurity and Infrastructure Security Agency (CISA) has announced that CISA and...more
CYBERSECURITY - Patch Adobe ColdFusion Vulnerabilities Being Exploited in the Wild ASAP - Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023,...more
According to cybersecurity researchers at Bishop Fox, “hundreds of thousands” of FortiGate firewalls have not been patched against a known vulnerability and are at risk of being attacked by threat actors using the unpatched...more
Researchers at Meta, the owner of Facebook released a report this week that indicated that, since March 2023, Meta “has blocked and shared with our industry peers more than 1,000 malicious links from being shared across our...more
CYBERSECURITY FBI, CISA + MS-ISAC Warn of LockBit 3.0 Ransomware The FBI, CISA and the Multi-State Information Sharing and Analysis Center (MSISAC) recently released a joint cybersecurity advisory, warning organizations about...more
CYBERSECURITY - World Economic Forum’s Global Cybersecurity Outlook for 2023 Is Bleak - Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global...more
Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global Cybersecurity Outlook 23 Insight Report (published in collaboration with Accenture), although...more
The modern security ecosystem is diverse and ever-changing, a place where cyber risk is top of mind for leaders at all levels, and threats to information / data security and privacy evolve at the speed of the technical...more
CYBERSECURITY - Nineteen States Have Banned TikTok on Government-Issued Devices - Governors of numerous states have issued Executive Orders in the past several weeks banning TikTok from government-issued devices and...more
CYBERSECURITY - Health Care Organizations Warned of Venus Ransomware - The Health Care Sector Cybersecurity Coordination Center (IC3) recently released an Analyst’s Note to health care organizations providing information...more
Federal Privacy Bill (ADPPA) is Sent to the House Floor but Obstacles to its Passage Remain - On July 20, 2022, the House Committee on Energy and Commerce (“the Committee”) voted 53-2 in favor of advancing The American Data...more
Unjected, a dating app and the “largest unvaccinated platform” online, apparently left its entire website’s back end unsecured. Security researchers, working with Daily Dot reporters, reportedly accessed the site’s...more
CYBERSECURITY - Cloaked Ursa Using Trusted Online Storage Services to Evade Detection - According to research by Palo Alto’s Unit 42, the most recent campaign by advanced persistent threat Cloaked Ursa (aka APT 20,...more
CYBERSECURITY - Joint Advisory Warns of Chinese-Sponsored Attacks on Telecommunications Companies - A joint advisory issued June 7, 2022, by the Cybersecurity & Infrastructure Security Agency, FBI and the National...more
CYBERSECURITY - Verizon’s 2022 Data Breach Investigations Report: A Must Read - I love Verizon’s annual Data Breach Investigations Report (DBIR). I have pored over its content every year since its inception in 2008. (Just...more
CYBERSECURITY - State Department Offers $10M Reward for Information on Russian Officers Involved in Malicious Cyber Activities - The U.S. Department of State has announced a $10 million reward for “information leading to...more
CYBERSECURITY - FBI and DHS Warn of Russian Cyberattacks Against Critical Infrastructure - U.S. officials this week warned government agencies, cybersecurity personnel, and operators of critical infrastructure that...more
CYBERSECURITY - FBI Warns Olympics/Paralympics Participants of Cyber “Activities” - On January 31, 2022, the FBI issued a Private Industry Notification entitled “Potential for Malicious Cyber Activities to Disrupt the...more
CYBERSECURITY - ECRI Names Cybersecurity Attacks as Top Health Technology Hazard for 2022 - ECRI has been publishing its annual report of health technology hazards for the past 15 years. According to ECRI’s Device...more