Jongeun You, an assistant professor of political science at Northern Michigan University, brings further attention to the vulnerability of the US water sector to cyberattacks. According to You, water and wastewater operators typically rely on Industrial Control System (ICS) devices created decades ago, and their Operational Technology (OT)/Information Technology (IT) systems are often found to be outdated. In addition, the US has over 150,000 public water systems, resulting in a structure that is difficult to protect because of its fragmentation.

Alexis Musaelyan-Blackmon won first place in the "Powering Diverse and Inclusive Communities of Belonging" category of the third annual Women Who Empower Innovator Awards presented by Northeastern University. With an interest in harnessing data, Artificial Intelligence (AI), and computational biology, Musaelyan-Blackmon came up with "Dephend," a play on the words "phishing" and "defend," to combat ever-evolving security threats. Dephend is a cloud-based Software-as-a-Service (SaaS) security platform that, once deployed, provides real-time insights into cyber threats.

Cybersecurity experts at RMIT University warn that the popular shopping app TEMU may contribute to unsafe data collection practices. TEMU has been at the center of many cybersecurity and consumer data discussions due to its rising popularity. According to Dr. Arathi Arakala, lecturer in mathematics at RMIT University, TEMU's privacy and cookie policy states that the type of data it gathers includes essential user data for its service, such as address, phone number, and payment information.

The lab of Dinesh Bharadia, a member of the University of California, San Diego Qualcomm Institute (QI) and professor in the Jacobs School of Engineering's Department of Electrical and Computer Engineering, has developed a novel device to address the challenge of increasing public access to the wireless network. The prototype technology filters out interference from other radio signals while sweeping underutilized spectrum frequency bands for high-traffic periods. High signal fidelity ensures users can rely on a secure connection, with cyberattacks being identified in real-time.

A new cyberattack campaign has been distributing a novel malware loader called GHOSTPULSE via fake MSIX Windows app package files for popular software such as Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex. According to Joe Desimone, researcher at Elastic Security Labs, MSIX is a Windows app package format that developers can use to package, distribute, and install their applications for Windows users.

Multiple malicious Google Play Android apps downloaded over two million times push intrusive advertisements to users while hiding their presence on infected devices. Dr. Web's analysts identified trojans associated with the 'FakeApp,' 'Joker,' and 'HiddenAds' malware families on Google Play. According to Dr. Web, once these apps are installed on a victim's device, they hide by replacing their icons with those of Google Chrome or by using a transparent icon image to create empty space in the app drawer.

President Biden has issued an Executive Order to ensure that the US maximizes the potential of Artificial Intelligence (AI) and mitigates its risks. As AI's capabilities continue to increase, so do its implications for the safety and security of Americans. Through this Executive Order, the President directs calls for sweeping actions to be taken to protect Americans from the potential threats posed by AI systems. This article continues to discuss the new standards for AI safety and security.

The emergence of generative Artificial Intelligence (AI) has created new challenges for security teams. For CISOs, generative AI tools have brought on new potential issues, from enabling deepfakes that are nearly indistinguishable from reality to creating sophisticated phishing emails to take over accounts. The challenge posed by generative AI extends beyond Identity and Access Management (IAM), with attack vectors ranging from more innovative methods to infiltrate code to the exposure of sensitive proprietary data.

Modern processors have a fundamental flaw in their hardware architecture that allows adversaries to steal sensitive data. This insight arose from the Spectre attack reported in 2018, which affected many devices and operating systems. Apple was one of the manufacturers that developed countermeasures in response to this. However, according to researchers, even in 2023, Mac and iOS systems are inadequately protected against this type of attack.

Users of NextGen HealthCare's open-source data integration platform Mirth Connect are urged to update to the latest version because of an unauthenticated Remote Code Execution (RCE) flaw. Mirth Connect, also known as the "Swiss Army knife of healthcare integration," is a cross-platform interface engine that the healthcare industry uses to communicate and exchange data between disparate systems in a standardized way. The vulnerability, tracked as CVE-2023-43208, has been fixed in version 4.4.1, released on October 6, 2023.