News
-
Chaos Reins as MITRE Set to Cease CVE and CWE Operations
Security community reacts with shock at US government’s decision not to renew MITRE contract for CVE database Read More
-
Cybersecurity Warrior Mindset
As stated in my recent blog, CISO: Chief Cybersecurity Warrior Leader, I define warrior-leadership as a term that combines the concepts of leadership and expertise in the field of cybersecurity with the mindset and traits of a warrior. A warrior mindset helps leaders remain calm, focused, and effective in addressing and resolving complex challenges. In…
-
Funding Expires for Key Cyber Vulnerability Database
A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally funded, non-profit research and development organization MITRE warned today that its contract to maintain the Common Vulnerabilities and Exposures (CVE) program — which is traditionally funded each…
-
RansomHouse ransomware: what you need to know
RansomHouse is a cybercrime operation that follows a Ransomware-as-a-Service (RaaS) business model, where affiliates (who do not require technical skills of their own) use the ransomware operator’s infrastructure to extort money from victims. Read more in my article on the Fortra blog. Read More
-
Slopsquatting
As AI coding assistants invent nonexistent software libraries to download and use, enterprising attackers create and upload libraries with those names—laced with malware, of course. Read More
-
The AI Fix #46: AI can read minds now, and is your co-host a clone?
In episode 46 of The AI Fix, China trolls US tariffs, a microscopic pogoing flea-bot makes a tiny leap forward for robotics, Google unveils the Agent2Agent protocol, a robot dog is so cute it ruins Graham’s entire day, and Europe commits €20 billion and all of its buzzwords to five moonshot AI gigafactories. Graham brings…
-
North Korean Hackers Exploit LinkedIn to Infect Crypto Developers with Infostealers
Posing as potential employers, Slow Pisces hackers conceal malware in coding challenges sent to cryptocurrency developers on LinkedIn Read More
-
Compliance Now Biggest Cyber Challenge for UK Financial Services
Regulatory compliance and data protection were the biggest cybersecurity challenges cited by UK financial organizations, according to a Bridewell survey Read More
-
Bot Traffic Overtakes Human Activity as Threat Actors Turn to AI
Thales report reveals bots now account for 51% of all web traffic, surpassing human activity Read More
-
Organizations Found to Address Only 21% of GenAI-Related Vulnerabilities
Pentesting firm Cobalt has found that organizations fix less than half of exploited vulnerabilities, with just 21% of generative AI flaws addressed Read More