網路安全概要: 由於 Tenable 研究發現與雲端相關的資料外洩事件無所不在,CISA 警告醫院留意 Black Basta
Find out why healthcare organizations must beware of the Black Basta ransomware group. Meanwhile, a Tenable study found that 95% of surveyed organizations suffered a cloud-related breach, and offers insights for boosting cloud security. Plus, a Cloud Security Alliance report delves into how AI syste...
網路安全概要: New Guide Explains How To Assess if Software Is Secure by Design, While NIST Publishes GenAI Risk Framework
Is the software your company wants to buy securely designed? A new guide outlines how you can find out. Meanwhile, a new NIST framework can help you assess your GenAI systems’ risks. Plus, a survey shows a big disconnect between AI usage (high) and AI governance (low). And MITRE’s breach post-mortem...
網路安全概要: Attackers Pounce on Unpatched Vulns, DBIR Says, as Critical Infrastructure Orgs Benefit from CISA’s Alert Program
Verizon’s DBIR found that hackers are having a field day exploiting vulnerabilities to gain initial access. Plus, a CISA program is helping critical infrastructure organizations prevent ransomware attacks. In addition, check out what Tenable’s got planned for RSA Conference 2024. And get the latest ...
網路安全概要: 最新的 MITRE ATT&CK 更新提供了有關生成式 AI、身分、雲端和 CI/CD 的安全洞見
Check out what’s new in Version 15 of the MITRE ATT&CK knowledge base of adversary tactics, techniques and procedures. Plus, learn the latest details about the Change Healthcare breach, including the massive scope of the data exfiltration. In addition, why AI cyberthreats aren’t impacting CISOs’ bud...
網路安全概要: Cyber Agencies Offer Secure AI Tips, while Stanford Issues In-Depth AI Trends Analysis, Including of AI Security
Check out recommendations for securing AI systems from the Five Eyes cybersecurity agencies. Plus, Stanford University offers a comprehensive review of AI trends. Meanwhile, a new open-source tool aims to simplify SBOM usage. And don’t miss the latest CIS Benchmarks updates. And much more!...
網路安全概要: CISA Says Midnight Blizzard Swiped U.S. Gov’t Emails During Microsoft Hack, Tells Fed Agencies To Take Immediate Action
Check out CISA’s urgent call for federal agencies to protect themselves from Midnight Blizzard’s breach of Microsoft corporate emails. Plus, a new survey shows cybersecurity pros are guardedly optimistic about AI. Meanwhile, SANS pinpoints the four trends CISOs absolutely must focus on this year. An...
網路安全概要: CSRB Calls Exchange Online Hack “Preventable,” While CISA, Others Warn About XZ Utils Backdoor Vulnerability
Check out why the Cyber Safety Review Board has concluded that the Microsoft Exchange Online breach “should never have occurred.” Plus, warnings about the supply chain attack against the XZ Utils open source utility are flying. In addition, a report says ransomware attacks surged in February. And th...
網路安全概要: U.S. Gov’t Unpacks AI Threat to Banks, as NCSC Urges OT Teams to Protect Cloud SCADA Systems
Check out new guidance for banks on combating AI-boosted fraud. Plus, how to cut cyber risk when migrating SCADA systems to the cloud. Meanwhile, why CISA is fed up with SQLi flaws. And best practices to prevent and respond to DDoS attacks. And much more!...
網路安全概要: NSA Picks Top Cloud Security Practices, while CNCF Looks at How Cloud Native Can Facilitate AI Adoption
Check out the NSA’s 10 key best practices for securing cloud environments. Plus, learn how cloud native computing could help streamline your AI deployments. Meanwhile, don’t miss the latest about cyberthreats against water treatment plants and critical infrastructure in general. And much more!...
網路安全概要: CISA 闡明雲端安全以及在混合 IAM 系統上的整合性
Check out CISA’s latest best practices for protecting cloud environments, and for securely integrating on-prem and cloud IAM systems. Plus, catch up on the ongoing Midnight Blizzard attack against Microsoft. And don’t miss the latest CIS Benchmarks. And much more!...
網路安全概要: Cyber Pros Say How AI Is Changing Their Work, While the FBI Reports Ransomware Hit Critical Infrastructure Hard in 2023
More than 40% of ransomware attacks last year impacted critical infrastructure. Plus, a survey shows how artificial intelligence is impacting cybersecurity jobs. Meanwhile, MITRE updated a database about insider threats. And why you need a custom compensation strategy to recruit cyber pros. And much...
網路安全概要: NIST’s Cybersecurity Framework Gets Major Update, as Advisories on APT29 and ALPHV Blackcat Get Rolled Out
Check out what’s new in NIST’s makeover of its Cybersecurity Framework. Plus, the latest guidance on cyberattack groups APT29 and ALPHV Blackcat. Also, how to assess the cybersecurity capabilities of a generative AI LLM. And the most prevalent malware in Q4. And much more!...