The US government Cybersecurity and Infrastructure Security Agency (CISA) has been working with the UK’s National Cyber Security Centre (NCSC) and other partners to produce some guidelines for developing secure AI technologies. Guidelines for secure AI system development – NCSC.GOV.UK Even if you are not in AI the document has …
Let’s start the week with Ransomware
Ransomware is not going away – it is getting worse. RagnarLocker ransoms its last victim as cybercops seize site • The Register US energy firm shares how Akira ransomware hacked its systems (bleepingcomputer.com) Is it ransomware or something else? Whatever it is a problem. American Family Insurance confirms cyberattack is …
It was just a typo… and a fix.
I have heard that excuse many, many times – including just last week when a client could not get access to his account! But what happens when the typo has cyber security implications? What happens when the typo has national security implications? Typo sends millions of US military emails to …
US government Cybersecurity and Infrastructure Security Agency Advisories
The US government Cybersecurity and Infrastructure Security Agency (CISA) site in one of my “go to” places for information on vulnerabilities, exploitations and patches. Built for the US Government, and American centric, it is still a great resource. This week it has run an excellent article for security professionals on …
Continue reading “US government Cybersecurity and Infrastructure Security Agency Advisories”
Patching Matters…
…for governments and for you. Hot on the heels of Microsoft’s Patch Tuesday – an important day of the month for patches and updates from many vendors – is appears that various threat actors gained access to an unpatched US Government Agency server, exploiting a three year old vulnerability that …
