🦅 CISA Issues Urgent Advisory on Critical Vulnerabilities in Ivanti Products 🦅
Overview: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory report on vulnerabilities disclosed in multiple Ivanti products. These products include Ivanti Endpoint Manager Mobile (EPMM), Ivanti Cloud Service Application (CSA), Ivanti Velocity License Server, Ivanti Connect Secure, Policy Secure, and Ivanti Avalanche. The official advisory from Ivanti specifically addresses various vulnerabilities affecting the Ivanti Cloud Service Application (CSA). It highlights that a limited number of customers using CSA versions 4.6 patches 518 and earlier have been exploited when certain vulnerabilities (CVE-2024-9379, CVE-2024-9380, or CVE-2024-9381) are chained with CVE-2024-8963. The recent advisory from Ivanti has indicated a range of vulnerabilities across their p...
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble
Urgent CISA Advisory On Ivanti Product Vulnerabilities
CISA warns of critical vulnerabilities in Ivanti products, urging immediate action to mitigate risks. Update systems to protect against potential exploits.
🕵️♂️ Vulnerability Prioritization & the Magic 8 Ball 🕵️♂️
Vulnerability prioritization has evolved over the years. Several frameworks exist to help organizations make the right decisions when it comes to deciding which patches to apply and when. But are these better than a Magic 8 Ball?
🔗 Via "Dark Reading"
----------
🕵️♂️ Microsoft: BYOD, QR Codes Lead Rampant Education Attacks 🕵️♂️
The average higher education institution is getting hit once a week now, and as one University of Oregon attack shows, the sector often lacks the resources to keep pace.
🔗 Via "Dark Reading"
----------
Darkreading
Microsoft: BYOD, QR Codes Lead Rampant Education Attacks
The average higher education institution is getting hit once a week now, and as one Oregon State University attack shows, the sector often lacks the resources to keep pace.
🦿 Patch Tuesday: Internet Explorer Vulnerabilities Still Pose a Problem 🦿
Patch Tuesday brings patches for hundreds of vulnerabilities. Plus, Apple makes sure Sequoia plays nice with third-party security tools.
🔗 Via "Tech Republic"
----------
📔 Internet Archive Breached, 31 Million Records Exposed 📔
The nonprofit digital library was also hit by at least two DDoS attacks in two days.
🔗 Via "Infosecurity Magazine"
----------
📢 Cyber expert suggests American Water cyber incident was a ransomware attack 📢
The attack left 14 million customers without access to a service portal, disrupting billing processes, though the firm said it does not believe its water facilities were impacted.
🔗 Via "ITPro"
----------
🖋️ 6 Simple Steps to Eliminate SOC Analyst Burnout 🖋️
The current SOC model relies on a scarce resource: human analysts. These professionals are expensive, in high demand, and increasingly difficult to retain. Their work is not only highly technical and high-risk, but also soul-crushingly repetitive, dealing with a constant flood of alerts and incidents. As a result, SOC analysts often leave in search of better pay, the opportunity to move beyond.
🔗 Via "The Hacker News"
----------
🦅 Cyble Urges ICS Vulnerability Fixes for TEM, Mitsubishi, and Delta Electronics 🦅
Key Takeaways: Cyble researchers investigated vulnerabilities in five ICS/OT products this week and identified Mitsubishi Electric, TEM, and Delta Electronics products as top priorities for security teams. TEM has been unresponsive to reports of vulnerabilities in Opera Plus FM Family Transmitters, version 35.45, so users are urged to take mitigation steps. Mitsubishi Electric has no plans to fix vulnerabilities in MELSEC iQ-F FX5-OPC communication units and instead recommended mitigation steps. Overview: Cyble researchers have identified vulnerabilities in three products used in critical infrastructure environments that merit high-priority attention from security teams. Cyble's weekly industrial control system/operational technology (ICS/OT) vulnerability report for Oct. 17 ...
🔗 Via "CYBLE"
----------
Cyble
Cyble Calls For ICS Vulnerability Fixes In Delta Electronics
Cyble identifies critical ICS vulnerabilities in TEM, Mitsubishi, and Delta Electronics, urging urgent mitigation steps as fixes remain unavailable.
🖋️ Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems 🖋️
Cybersecurity researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system (OS) commands. The flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum of 10.0, according to VulnCheck. "A vulnerability in the Nortek Linear eMerge E3 allows.
🔗 Via "The Hacker News"
----------
🕵️♂️ Walking the Tightrope Between Innovation & Risk 🕵️♂️
When employees and leaders engage with CISOs early in innovation projects, security concerns are addressed proactively, building trust and ensuring innovation and security coexist.
🔗 Via "Dark Reading"
----------
🦿 Deloitte: Why Only a Quarter of Cybersecurity Professionals are Women 🦿
Despite a huge talent shortage in the cybersecurity industry, women still feel discouraged from joining it due to concerns over their knowledge, its inclusivity, and the pay.
🔗 Via "Tech Republic"
----------
TechRepublic
Deloitte: Why Only a Quarter of Cybersecurity Professionals are Women
New research from Deloitte uncovers why there is still such a large gender gap in the security industry.
🛠 Wireshark Analyzer 4.4.1 🛠
Wireshark is a GTK-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
🔗 Via "Packet Storm - Tools"
----------
🛠 I2P 2.7.0 🛠
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
🔗 Via "Packet Storm - Tools"
----------
🧠 Risk, reward and reality: Has enterprise perception of the public cloud changed? 🧠
Public clouds now form the bulk of enterprise IT environments. According to 2024 Statista data, 73% of enterprises use a hybrid cloud model, 14% use multiple public clouds and 10% use a single public cloud solution. Multiple and single private clouds make up the remaining 3%. With enterprises historically reticent to adopt public clouds, adoption
🔗 Via "Security Intelligence"
----------
Security Intelligence
Risk, reward and reality: Has enterprise perception of the public cloud changed?
As public clouds now form the bulk of enterprise IT environments, how will public perception of cloud security continue to shift as AI comes into play?
🖋️ OpenAI Blocks 20 Global Malicious Campaigns Using AI for Cybercrime and Disinformation 🖋️
OpenAI on Wednesday said it has disrupted more than 20 operations and deceptive networks across the world that attempted to use its platform for malicious purposes since the start of the year. This activity encompassed debugging malware, writing articles for websites, generating biographies for social media accounts, and creating AI-generated profile pictures for fake accounts on X. "Threat.
🔗 Via "The Hacker News"
----------
📔 Disinformation Campaign Targets Moldova Ahead of EU Referendum 📔
Operation MiddleFloor targets Moldova's October elections, spreading EU disinformation via email.
🔗 Via "Infosecurity Magazine"
----------
📔 Over 10m Conversations Exposed in AI Call Center Hack 📔
The data breach exposed more than 10m customer conversations from an AI call center platform in the Middle East.
🔗 Via "Infosecurity Magazine"
----------
📔 EU Adopts Cyber Resilience Act for Connected Devices 📔
The EU's Cyber Resilience Act requires cybersecurity standards for all connected products throughout their entire lifecycle.
🔗 Via "Infosecurity Magazine"
----------
📔 Marriott Agrees $52m Settlement for Massive Data Breach 📔
Marriott will pay $52m to 50 US states for a data breach impacting 131.5 million American customers, and has agreed to implement stronger security practices.
🔗 Via "Infosecurity Magazine"
----------
🪖 Staff Stories Spotlight Series: Cybersecurity Awareness Month 2024 🪖
This blog is part of a larger NIST series during the month of October for Cybersecurity Awareness Month, called 'Staff Stories Spotlight.' Throughout the month of October this year, Q&A-style blogs will be published featuring some of our unique staff members who have interesting backgrounds, stories to tell, and projects in the world of cybersecurity. This year's Cybersecurity Awareness Month theme is 'Secure our World.' How does this theme resonate with you, as someone working in cybersecurity? The theme 'Secure our World' resonates with me because I enjoy researching about cybersecurity.
🔗 Via "NIST"
----------
🪖 Scalability Challenges in Privacy-Preserving Federated Learning 🪖
This post is part of a series on privacy-preserving federated learning. The series is a collaboration between NIST and the UK government's Responsible Technology Adoption Unit (RTA), previously known as the Centre for Data Ethics and Innovation. Learn more and read all the posts published to date at NIST's Privacy Engineering Collaboration Space or RTA's blog. Introduction: In this post, we talk with Dr. Xiaowei Huang and Dr. Yi Dong (University of Liverpool), Dr. Mat Weldon (UK Office of National Statistics, ONS), and Sikha Pentyala (University of Washington Tacoma), who were winners in the.
🔗 Via "NIST"
----------