Analytics & Intelligence
US, UK Accuse China of Years-Long Cyberespionage Campaign
The United States, the UK, and other countries this week accused a state-sponsored Chinese threat group of running a massive global hacking campaign for more than a decade that targeted political figures, ...
Security Boulevard
Embrace Generative AI for Security, But Use Caution
Generative AI will be a net positive for security, but with a large caveat: It could make security teams dangerously complacent ...
Security Boulevard
China Steals Defense Secrets ‘on Industrial Scale’
Richi Jennings | | china, china espionage, China-linked Hackers, Chinese, Chinese Communists, chinese government, chinese hacker, Chinese hackers, Chinese Intelligence, Chinese state-sponsored hacking group, Chinese Threat Actors, ConnectWise, ConnectWise Vulnerabilities, CVE-2022-0185, CVE-2022-3052, CVE-2023-22518, CVE-2024-1709, Data Stolen By China, Dawn Calvary, f5, F5 BIG-IP, F5 BIG-IP vulnerability, Genesis Day, gov.uk, Mandiant, MSS, MSS Hackers, Peoples Republic of China, PRC, PRC Espionage, SB Blogwatch, ScreenConnect, Teng Snake, uk, UNC302, UNC5174, Uteus, Xiaoqiying
UNC5174 ❤ UNC302: CVSS 10 and 9.8 vulnerabilities exploited by Chinese threat actor for People’s Republic ...
Security Boulevard
Tax Scams Ramping Up as the April 15 Deadline Approaches
With the IRS deadline only weeks away, businesses and individuals are racing to get their taxes filed, and bad actors are doing what they can to keep pace with them. Both Microsoft ...
Security Boulevard
Licensing AI Engineers
The debate over professionalizing software engineers is decades old. (The basic idea is that, like lawyers and architects, there should be some professional licensing requirement for software engineers.) Here’s a law journal ...
RaaS Groups Go Recruiting in Wake of LockBit, BlackCat Takedowns
The effects of the recent high-profile disruptions of LockBit’s and BlackCat ransomware operations by law enforcement agencies are rippling through the dark web, with smaller threat gangs looking to scoop up the ...
Security Boulevard
CISA, NSA, Others Outline Security Steps Against Volt Typhoon
Top cybersecurity agencies in the United States and other countries are again warning critical infrastructure companies about the “urgent risk” posed by Chinese state-sponsored threat group Volt Typhoon and are recommending steps ...
Security Boulevard
The AI Advantage: Mitigating the Security Alert Deluge in a Talent-Scarce Landscape
Joe Ariganello | | AI, AI Cybersecurity, Artificial Intelligence, Blog, Context Aware AI, Data Overload, Ponemon, Self-Supervised AI, Third Wave AI
The cybersecurity landscape is under siege. Organizations are bombarded by a relentless barrage of security alerts, often exceeding a staggering 22,111 per week on average. While Artificial Intelligence (AI) has emerged as ...
Ordr Taps AI to Augment Attack Surface Management
Michael Vizard | | AI, ASM, asset management, Attack Surface, Attack Surface Management, generative AI, Ordr
Ordr this week added an attack surface management (ASM) tool infused with artificial intelligence (AI) to its existing asset management portfolio ...
Security Boulevard
Public AI as an Alternative to Corporate AI
This mini-essay was my contribution to a round table on Power and Governance in the Age of AI. It’s nothing I haven’t said here before, but for anyone who hasn’t read my ...