CSC Report Highlights Cybersecurity Threats .AI Domains Pose
Almost half of of Forbes Global 2000 companies do not have control over their branded artificial intelligence (.AI) domain names ... Read More
CISA and FBI to Network Admins: Patch Atlassian Confluence Now
Federal security agencies are urging network administrators to immediately patch Atlassian Confluence servers to protect against a critical security flaw that is being exploited by cybercriminals. The Cybersecurity and Infrastructure Security Agency (CISA), FBI, and Multi-State Information Sharing and Analysis Center (MS-ISAC) this week issued an advisory saying that the ... Read More
EPA Withdraws Cybersecurity Requirements for Water Systems
The Environmental Protection Agency in March ordered states to begin assessing the cybersecurity of their public water systems, a part of the Biden Administration’s multi-pronged effort to shore up the protections around the country’s critical infrastructure operations. Seven months later, the agency is withdrawing the order in the wake of ... Read More
Cisco Zero-Day: As Bad as it Gets — and No Fix 4 Weeks in
Richi Jennings | | 0-day, 0-day exploits, 0-day vulnerability, 0day, cisco, Cisco IOS XE, CVE-2023-20198, SB Blogwatch, Zero Day Attacks, zero-day, Zero-Day Bug, Zero-day Exploit, zero-day exploits, zero-day flaw, zero-day flaws, zero-day threat, zero-day vulnerabilities, Zero-day Vulnerability, zero-days, zeroday, zerodayvulnerabilitiesKeeping us in suspense—It doesn’t get worse than this: CVE-2023-20198 is CVSS=10 ... Read More
JumpCloud Adds Passwordless Authentication to Open Directory Platform
Michael Vizard | | Authentication, biometric, identity and access management, JumpCloud, passwordlessJumpCloud Inc. today updated its Open Directory platform to include support for a passwordless login capability, dubbed JumpCloud Go ... Read More
Can My AI Program Sue? Supreme Court’s ADA Decision May Have the Answer
Mark Rasch | | accessibility, AI, Americans With Disabilities, Cyberlaw, discrimination, generative AI, wcagThe idea of standing is central to ADA-related web accessibility suits. Do bots and AI meet the requirements for standing? ... Read More
RomCom Malware Group Targets EU Gender Equality Summit
A hacker group that continues to extend its reach from financially motivated attacks into cyber-espionage this summer targeted attendees of a gender equality conference with a pared-down version of the RomCom remote access trojan (RAT). Void Rabisu – also known as Tropical Scorpius, Storm-0978, and UNC2596 – in August leveraged ... Read More
Elon’s CSAM FAIL: Twitter Fined by Australian Govt.
Richi Jennings | | Australia, Australian Government, Child Abuse, child exploitation, Child Online Safety, child porn, child pornography, Child protection, Child Safety, child security online, child sexual exploitation, childpornography, CSAM, Digital Trust and Safety, Elon Musk, elon musk twitter, eSafety Commission, grooming, Julie Inman Grant, Linda Yaccarino, SB Blogwatch, trust and safety, Twitter, XStraya strikes back: Musk’s mob declines to answer questions, breaking law dunundah ... Read More
Microsoft Launches an AI Bug Bounty Program
As Microsoft aggressively integrates AI into its broad portfolio of products and services, the IT giant now is looking for help to ensure they are free of vulnerabilities. The company this month unveiled a new bug bounty program that will pay between $2,000 and $15,000 for flaws found in its ... Read More
Survey Sees Shift to Passwordless Authentication Accelerating
A survey of 1,005 IT decision-makers published today found 89% expected their organizations to use passwords for less than 25% of logins within five years ... Read More
