News
-
"NSA and ESF Partners Release Recommended Practices for Software Bill of Materials Consumption"The National Security Agency (NSA), the Office of the Director of National Intelligence (ODNI), the Cybersecurity and Infrastructure Security Agency (CISA), and industry partners have published "Securing the Software Supply Chain: Recommended Practices
-
"CISA Adds SLP Flaw to Its Known Exploited Vulnerabilities Catalog"The US Cybersecurity and Infrastructure Security Agency (CISA) has added the Service Location Protocol (SLP) vulnerability, tracked as CVE-2023-29552 with a CVSS score of 7.5, to its Known Exploited Vulnerabilities (KEV) catalog.
-
"Sandworm Cyberattackers Down Ukrainian Power Grid During Missile Strikes"Russia's Sandworm Advanced Persistent Threat (APT) group used Living-off-the-Land (LotL) techniques to cause a power outage in a Ukrainian city during missile strikes in October last year.
-
"Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI"A new set of malicious Python packages has infiltrated the Python Package Index (PyPI) repository, aiming to steal sensitive information from compromised developer systems.
-
"Major ChatGPT Outage Caused by DDoS Attack"OpenAI has confirmed that ChatGPT and its API experienced a major outage on Wednesday due to what appeared to be a distributed denial-of-service (DDoS) attack.
-
"Japan Aviation Electronics Targeted in Ransomware Attack"Japanese electronics manufacturer Japan Aviation Electronics is recovering from a cyberattack for which the Alphv/BlackCat ransomware group has claimed responsibility. The company was founded in 1953 and headquartered in Shibuya, Tokyo.
-
"UND Receives US Department of Energy Funding for Cybersecurity Initiative"Researchers at the University of North Dakota (UND) will use an award from the US Department of Energy (DOE) to develop algorithms for a cybersecurity software tool that will help Distributed Energy Resources (DERs) securely participate in energy marke
-
"Smart Speakers, Smarter Protection"Although smart speakers such as Alexa offer convenience, they have raised some privacy concerns.
-
"Lack of Federal Data Privacy Law Seen Hurting IT Security"Experts at a recent virtual conference by R Street, a non-profit think tank, discussed the issues of data privacy and data security.
-
"Microsoft Warns of Election Threats in 2024"A recent threat intelligence assessment released by Microsoft’s Threat Analysis Center (MTAC) has warned of potential unprecedented challenges to the security of elections over the next year.
-
"New Tool Automates the Formal Verification of Systems Software"Formal systems verification is a relatively new technology that mathematically proves code is secure. Traditional software testing techniques are becoming less effective as software becomes more complex.
-
"Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation"Cybersecurity researchers have developed the first fully undetectable cloud-based cryptocurrency miner that uses the Microsoft Azure Automation service.