News June 10, 2024 Should there be a total ban on ransomware payments? 3 min read - The debate about the United States government banning companies from making ransomware payments is back in the headlines. Recently, the Ransomware Task Force for the Institute for Security and Technology released a memo on the topic. The task force stated…
Artificial Intelligence June 7, 2024 Open source, open risks: The growing dangers of unregulated generative AI 3 min read - While mainstream generative AI models have built-in safety barriers, open-source alternatives have no such restrictions. Here’s what that means for cyber crime. There’s little doubt that open-source is the future of software. According to the 2024 State of Open Source…
Offensive Security June 6, 2024 X-Force discovers new vulnerabilities in smart treadmill 7 min read - IBM X-Force Red researchers discovered four vulnerabilities in Precor's internet-connected treadmill. Explore the findings.
Cloud Security June 6, 2024 AI-driven compliance: The key to cloud security 3 min read - The growth of cloud computing continues unabated, but it has also created security challenges. The acceleration of cloud adoption has created greater complexity, with limited cloud technical expertise available in the market, an explosion in connected and Internet of Things (IoT) devices…
News June 4, 2024 CISA warns about directory traversal vulnerabilities 3 min read - On May 02, 2024, CISA and the FBI released a Security by Design alert to all software manufacturers and customers regarding an ongoing security vulnerability associated with “directory traversal” (also known as path traversal) in the software design process. The…
Government May 30, 2024 Important details about CIRCIA ransomware reporting 4 min read - In March 2022, the Biden Administration signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). This landmark legislation tasks the Cybersecurity and Infrastructure Security Agency (CISA) to develop and implement regulations requiring covered entities to…
Cloud Security June 6, 2024 AI-driven compliance: The key to cloud security 3 min read - The growth of cloud computing continues unabated, but it has also created security challenges. The acceleration of cloud adoption has created greater complexity, with limited cloud technical expertise available in the market, an explosion in connected and Internet of Things (IoT) devices…
News June 5, 2024 5 takeaways from the White House cybersecurity workforce discussion 3 min read - The Office of the National Cyber Director (ONCD) recently hosted a 3-hour discussion on creating a strong cybersecurity workforce; the results are enlightening. The session involved representatives from more than 30 public and private organizations spanning 12 industries. The ONCD…
News June 4, 2024 CISA warns about directory traversal vulnerabilities 3 min read - On May 02, 2024, CISA and the FBI released a Security by Design alert to all software manufacturers and customers regarding an ongoing security vulnerability associated with “directory traversal” (also known as path traversal) in the software design process. The…
News June 4, 2024 What will a TikTok ban mean for U.S. cybersecurity? 3 min read - President Joe Biden signed a bill on April 24, 2024, giving Byte Dance, the Chinese parent company of TikTok, two options: sell TikTok within nine months or face a ban on the app in the United States. The bill comes…