Joint Guidance on Deploying AI Systems Securely
Today, the National Security Agency’s Artificial Intelligence Security Center (NSA AISC) published the joint Cybersecurity Information Sheet Deploying AI Systems Securely in collaboration with CISA, the Federal Bureau of Investigation (FBI), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyb
Backdoor in XZ Utils That Almost Happened
Last week, the internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s an important moral to the story of the attack and its discovery : The security of the global internet depends on countless obscure pieces of software written and maintained by
Pentagon Lays Out Strategy to Improve Defense Industrial Base Cybersecurity
The strategy, which covers fiscal years 2024 through 2027, lays out four topline goals, such as improving best practices within the industrial base. Each goal contains a subset of objectives, such as being able to recover from a cyberattack.
Source: Pentagon Lays Out Strategy to Improve Defense Industrial Base Cybersecurity
AT&T Says Data on 73 Million Customers Leaked on Dark Web
AT&T used the Easter holiday weekend to quietly share details on data that surfaced on the dark web roughly two weeks ago. The post appeared first on SecurityWeek .
Source: AT&T Says Data on 73 Million Customers Leaked on Dark Web
Patchless Apple M-Chip Vulnerability Allows Cryptography Bypass
The available options for addressing the flaw are limited, leaving many Macs vulnerable to a “GoFetch” attack that steals keys — even quantum-resistant ones.
Source: Patchless Apple M-Chip Vulnerability Allows Cryptography Bypass
FBI Director Wray talks takedown operations, nation-state hackers, and growing threats in cyberspace
One early Sunday morning in Munich a couple of weeks ago, the Click Here podcast had a rare one-on-one interview with FBI Director Christopher Wray to talk about the growing threat in cyberspace and, more specifically, recent takedown operations against nation-state hackers from both Russia and China. Wray was in Germany for two high-profile gatherings — the Munich Cyber Security Conference and t
Source: FBI Director Wray talks takedown operations, nation-state hackers, and growing threats in cyberspace
After decades of memory-related software bugs, White House calls on industry to act
The Biden administration is continuing to pressure the tech industry to make products that are secure from the outset, issuing a call on Monday for greater use of memory-safe programming languages. The effort by the Office of the National Cyber Director (ONCD) is aimed at cutting down on a class of bugs that has caused problems since the 1980s: coding errors that allow attackers to abuse how soft
Source: After decades of memory-related software bugs, White House calls on industry to act
NIST Cybersecurity Framework 2.0 Officially Released
NIST releases Cybersecurity Framework 2.0, the first major update since the creation of the CSF a decade ago. The post appeared first on SecurityWeek .
Source: NIST Cybersecurity Framework 2.0 Officially Released