Research on AI in Adversarial Settings
New research: “Achilles Heels for AGI/ASI via Decision Theoretic Adversaries“: As progress in AI continues to advance, it is important to know how advanced systems...
CREST publishes guide for enhancing cyber resilience in developing countries
International information security accreditation and certification body CREST has published a new guide to fostering financial sector cyber resilience in developing countries. The nonprofit’s Resilience...
Identity and Access Management (IAM) in Payment Card Industry (PCI) Data Security Standard (DSS) environments.
This is the first of a series of consultant-written blogs around PCI DSS. Many organizations have multiple IAM schemes that they forget about when it...
Prolific Spanish Teen Hacking Suspect Arrested
Jose Luis Huertas boasted of accessing 90% of Spaniards' info Read More
Cyber threat intelligence programs: Still crazy after all these years
When I asked CISOs about their cyber threat intelligence (CTI) programs about five years ago, I got two distinct responses. Large, well-resourced enterprises were investing...
Two-Fifths of IT Pros Told to Keep Breaches Quiet
The figure rises to 70% of those in the US Read More
UK Criminal Records Office Crippled by “Cyber Incident”
Ransomware suspected as visa applications are hit Read More
USN-6001-1: Linux kernel (AWS) vulnerabilities
Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID...
Smashing Security podcast #316: Of Musk and Afroman
An Elon Musk-worshipping college principal gets schooled, and rapper Afroman turns the tables after armed police raid his house. All this and much more is...
USN-6000-1: Linux kernel (BlueField) vulnerabilities
It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain...