Category: cybersecurity

Auto Added by WPeMatico

New York Increases Cybersecurity Rules for Financial Companies

Posted on By infossl
banking, computer security, cybersecurity, ransomware, regulation, Security technology, Uncategorized

Another example of a large and influential state doing things the federal government won’t: Boards of directors, or other senior committees, are charged with overseeing cybersecurity risk management, and must retain an appropriate level of expertise to understand cyber issues, the rules say. Directors must sign off on cybersecurity programs, and ensure that any security … Read More “New York Increases Cybersecurity Rules for Financial Companies” »

EPA Won’t Force Water Utilities to Audit Their Cybersecurity

Posted on By infossl
cybersecurity, infrastructure, national security policy, Security technology, Uncategorized, utilities

The industry pushed back: Despite the EPA’s willingness to provide training and technical support to help states and public water system organizations implement cybersecurity surveys, the move garnered opposition from both GOP state attorneys and trade groups. Republican state attorneys that were against the new proposed policies said that the call for new inspections could … Read More “EPA Won’t Force Water Utilities to Audit Their Cybersecurity” »

Security Vulnerability of Switzerland’s E-Voting System

Posted on By infossl
blockchain, cybersecurity, malware, Security technology, switzerland, Uncategorized, voting

Online voting is insecure, period. This doesn’t stop organizations and governments from using it. (And for low-stakes elections, it’s probably fine.) Switzerland—not low stakes—uses online voting for national elections. Andrew Appel explains why it’s a bad idea: Last year, I published a 5-part series about Switzerland’s e-voting system. Like any internet voting system, it has … Read More “Security Vulnerability of Switzerland’s E-Voting System” »

NSA AI Security Center

Posted on By infossl
artificial intelligence, cybersecurity, national security policy, nsa, Security technology, Uncategorized

The NSA is starting a new artificial intelligence security center: The AI security center’s establishment follows an NSA study that identified securing AI models from theft and sabotage as a major national security challenge, especially as generative AI technologies emerge with immense transformative potential for both good and evil. Nakasone said it would become “NSA’s … Read More “NSA AI Security Center” »

On the Cybersecurity Jobs Shortage

Posted on By infossl
cybersecurity, employment, Security technology, Uncategorized

In April, Cybersecurity Ventures reported on extreme cybersecurity job shortage: Global cybersecurity job vacancies grew by 350 percent, from one million openings in 2013 to 3.5 million in 2021, according to Cybersecurity Ventures. The number of unfilled jobs leveled off in 2022, and remains at 3.5 million in 2023, with more than 750,000 of those … Read More “On the Cybersecurity Jobs Shortage” »

Remotely Stopping Polish Trains

Posted on By infossl
cyberattack, cybersecurity, radio, russia, Security technology, transportation, Uncategorized

Turns out that it’s easy to broadcast radio commands that force Polish trains to stop: …the saboteurs appear to have sent simple so-called “radio-stop” commands via radio frequency to the trains they targeted. Because the trains use a radio system that lacks encryption or authentication for those commands, Olejnik says, anyone with as little as … Read More “Remotely Stopping Polish Trains” »

White House Announces AI Cybersecurity Challenge

Posted on By infossl
artificial intelligence, cybersecurity, darpa, infrastructure, Security technology, Uncategorized

At Black Hat last week, the White House announced an AI Cyber Challenge. Gizmodo reports: The new AI cyber challenge (which is being abbreviated “AIxCC”) will have a number of different phases. Interested would-be competitors can now submit their proposals to the Small Business Innovation Research program for evaluation and, eventually, selected teams will participate … Read More “White House Announces AI Cybersecurity Challenge” »

China Hacked Japan’s Military Networks

Posted on By infossl
china, cyberespionage, cybersecurity, espionage, hacking, japan, military, Security technology, Uncategorized

The NSA discovered the intrusion in 2020—we don’t know how—and alerted the Japanese. The Washington Post has the story: The hackers had deep, persistent access and appeared to be after anything they could get their hands on—plans, capabilities, assessments of military shortcomings, according to three former senior U.S. officials, who were among a dozen current … Read More “China Hacked Japan’s Military Networks” »

Microsoft Signing Key Stolen by Chinese

Posted on By infossl
authentication, backdoors, china, cybersecurity, hacking, keys, microsoft, Security technology, Uncategorized

A bunch of networks, including US Government networks, have been hacked by the Chinese. The hackers used forged authentication tokens to access user email, using a stolen Microsoft Azure account consumer signing key. Congress wants answers. The phrase “negligent security practices” is being tossed about—and with good reason. Master signing keys are not supposed to … Read More “Microsoft Signing Key Stolen by Chinese” »

New SEC Rules around Cybersecurity Incident Disclosures

Posted on By infossl
cyberattack, cybersecurity, disclosure, national security policy, risk assessment, risks, Security technology, Uncategorized

The US Securities and Exchange Commission adopted final rules around the disclosure of cybersecurity incidents. There are two basic rules: Public companies must “disclose any cybersecurity incident they determine to be material” within four days, with potential delays if there is a national security risk. Public companies must “describe their processes, if any, for assessing, … Read More “New SEC Rules around Cybersecurity Incident Disclosures” »