Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The security breach poses a major national security risk. A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers.

Government 114

Government Telecommunications Surveillance Risk 114

Schneier on Security

JUNE 29, 2021

Over at Lawfare, Susan Landau has an excellent essay on the risks posed by software used to collect evidence (a Breathalyzer is probably the most obvious example). Bugs and vulnerabilities can lead to inaccurate evidence, but the proprietary nature of software makes it hard for defendants to examine it.

Software 358

Software Risk Government Engineering 358

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The security breach poses a major national security risk. A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers.

Government 115

Government Telecommunications Surveillance Risk 115

Schneier on Security

APRIL 27, 2023

Stanford and Georgetown have a new report on the security risks of AI—particularly adversarial machine learning—based on a workshop they held on the topic. Many AI products are deployed without institutions fully understanding the security risks they pose.

Risk 294

Risk Cybersecurity Government Engineering 294

Krebs on Security

FEBRUARY 26, 2025

government officials searched online for non-extradition countries and for an answer to the question “can hacking be treason?” The government disclosed the details in a court motion to keep the defendant in custody until he is discharged from the military. ” prosecutors in the case said Wednesday.

Hacking 232

Hacking Government Identity Theft Accountability 232

SecureWorld News

FEBRUARY 6, 2025

Representatives Josh Gottheimer (D-NJ) and Darin LaHood (R-IL) introduced the bipartisan No DeepSeek on Government Devices Act, seeking to prohibit federal employees from using the AI-powered application DeepSeek on government-issued devices. Federal Communications Commission (FCC) for security concerns. For the U.S. For the U.S.

Government 76

Government Artificial Intelligence Data privacy Mobile 76

Security Boulevard

JANUARY 14, 2025

The post Critical Infrastructure Seeing Benefits of Government Program, CISA Says appeared first on Security Boulevard.

Government 108

Government Security Awareness Risk Malware 108

Responsible Cyber

NOVEMBER 23, 2024

However, with every partnership comes potential risk. As networks expand to include third, fourth, and even fifth parties, the complexities of managing these risks multiply. For CCEOs and senior leaders, effective third-party risk management (TPRM) is not just a necessity—it’s a strategic imperative.

Risk 105

Risk Government Education Technology 105

Security Boulevard

JANUARY 24, 2025

With the world being highly data-driven, data is an organizations most valuable asset, so implementing a data governance framework is essential. The post The Role of Data Governance in Strengthening Enterprise Cybersecurity appeared first on Security Boulevard.

Government 99

Government Cybersecurity Risk 99

The Last Watchdog

MARCH 19, 2025

SpyCloud , the leading identity threat protection company, today released its 2025 SpyCloud Annual Identity Exposure Report , highlighting the rise of darknet-exposed identity data as the primary cyber risk facing enterprises today. It requires organizations to rethink the risks posed by employees, consumers, partners and suppliers.

Cyber Risk 113

Cyber Risk Risk Phishing Cybercrime 113

Security Boulevard

JANUARY 8, 2025

The post Insecure Medical Devices Illumina DNA Sequencer Illuminates Risks appeared first on Security Boulevard. IEI-IEI, Oh: Running an obsolete OS, on obsolete hardware, configured with obsolete settings.

Risk 125

Risk Social Engineering Internet Internet 125

Security Affairs

FEBRUARY 3, 2025

Ron Wyden warns of national security risks after Elon Musk s DOGE was given full access to sensitive Treasury systems. Ron Wyden warned of national security risks after Elon Musk s team, Department of Government Efficiency (DOGE), was granted full access to a sensitive U.S. Treasury payments system poses significant risks.

Risk 120

Risk Surveillance Cyber threats Marketing 120

Security Boulevard

OCTOBER 23, 2024

The post IBM Addresses AI, Quantum Security Risks with New Platform appeared first on Security Boulevard. IBM is rolling out Guardian Data Security Center, a framework designed to give enterprises the tools they need to address the emerging cyberthreats that come the ongoing development of generative AI and quantum computing.

Risk 114

Risk Data privacy Mobile Government 114

Joseph Steinberg

JULY 20, 2022

And, while today’s commercially-created quantum machines are nowhere near powerful enough to approach quantum supremacy, absolutely nobody knows the true extent of the quantum capabilities of all of the technologically-advanced governments around the world. Clearly, there is a need to act in advance – and acting takes time.

Risk 338

Risk Encryption Government Artificial Intelligence 338

Security Affairs

FEBRUARY 2, 2025

Texas bans DeepSeek and RedNote on government devices to block Chinese data-harvesting AI, citing security risks. Texas and other states banned TikTok on government devices. The AI-powered chatbot, recently launched globally, has rapidly gained popularity reaching millions of users. reads the announcement.

Government 82

Government Artificial Intelligence Media Data collection 82

Security Boulevard

NOVEMBER 25, 2024

A cyber risk assessment is a tool that helps organizations identify and prioritize risks associated with threats that are relevant to their unique environment. The post Defining Cyber Risk Assessment and a Compliance Gap Analysis and How They Can be Used Together appeared first on Security Boulevard.

Cyber Risk 110

Cyber Risk Risk Security Awareness Government 110

The Last Watchdog

AUGUST 29, 2023

Here’s what you should know about the risks, what aviation is doing to address those risks, and how to overcome them. It is difficult to deny that cyberthreats are a risk to planes. Risks delineated Still, there have been many other incidents since. Fortunately, there are ways to address the risks.

Software 264

Software Risk Artificial Intelligence Cyber Attacks 264

The Last Watchdog

DECEMBER 18, 2024

Madhu Shashanka , Chief Data Scientist, Concentric AI Generative AI in 2025 will bring transformative opportunities but heightened cybersecurity risks, including data exposure, AI misuse, and novel threats like prompt injection attacks. Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms.

Risk 173

Risk Threat Detection Technology Phishing 173

Schneier on Security

MARCH 1, 2024

It also has a new focus on governance, which encompasses how organizations make and carry out informed decisions on cybersecurity strategy. ’s newly added Govern function. . […] The framework’s core is now organized around six key functions: Identify, Protect, Detect, Respond and Recover, along with CSF 2.0’s

Cybersecurity 332

Cybersecurity Small Business Government Risk 332

The Last Watchdog

MARCH 24, 2025

Its a question of how much risk your organization is willing to take, based on the data you must protect and its long-term value. We recommend using Dr. Michele Moscas theorem of quantum risk against an optimistic vs. pessimistic probability analysis. This is where the concern of harvest now, decrypt later attacks apply.

Encryption 130

Encryption Financial Services Technology Risk 130

Schneier on Security

JULY 1, 2021

To overcome these challenges and champion the positive effects of cyber insurance, this paper calls for a series of interventions from government and industry. To date, the UK government has taken a light-touch approach to the cyber insurance industry. Often, that’s paying the ransom.

Insurance 339

Insurance Cyber Insurance Ransomware Marketing 339

SecureWorld News

MARCH 6, 2025

government. This means that thousands of government contractors will soon be required to implement structured processes for identifying, reporting, and mitigating vulnerabilities, aligning them with U.S. government and among the many contractors and vendors that support federal agencies."

Cybersecurity 81

Cybersecurity Government Marketing Cyber threats 81

Krebs on Security

JUNE 15, 2023

government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.

Risk 259

Risk VPN Internet Internet 259

Security Affairs

OCTOBER 23, 2024

The charges result from an investigation conducted by the US government into public companies potentially impacted by the supply chain attack on SolarWinds’ Orion software. The federal securities laws prohibit half-truths, and there is no exception for statements in risk-factor disclosures.”

Hacking 118

Hacking Risk Cybersecurity Government 118

Schneier on Security

NOVEMBER 3, 2023

Another example of a large and influential state doing things the federal government won’t: Boards of directors, or other senior committees, are charged with overseeing cybersecurity risk management, and must retain an appropriate level of expertise to understand cyber issues, the rules say.

Cybersecurity 321

Cybersecurity Government Risk Banking 321

IT Security Guru

NOVEMBER 1, 2024

Cyber attacks can compromise critical infrastructure, financial systems, and sensitive government data. The risk posed by these actors continues to grow as nations rely increasingly on interconnected digital infrastructure. Phishing and Social Engineering: These tactics manipulate individuals to disclose sensitive information.

Technology 109

Technology Cyber Attacks Government Social Engineering 109

Security Affairs

NOVEMBER 28, 2024

Many reports claim these bad actors have gained access to some providers’ customer information over an extended period of time – phone calls, text messages, and other sensitive information, particularly from government officials. Connectivity to a compromised provider was interrupted, and T-Mobile notified industry and government leaders.

Mobile 119

Mobile Telecommunications Government Internet 119

Schneier on Security

SEPTEMBER 9, 2024

In 2018, Australia passed the Assistance and Access Act, which—among other things—gave the government the power to force companies to break their own encryption. The Assistance and Access Act includes key components that outline investigatory powers between government and industry.

Encryption 340

Encryption Computers and Electronics Government Security Intelligence 340

SecureWorld News

MARCH 20, 2025

A newly discovered Windows zero-day vulnerability is actively being exploited by nation-state threat actors, raising serious cybersecurity concerns across government, financial, and critical infrastructure sectors. lnk) files. Nearly 1,000 malicious.lnk files exploiting ZDI-CAN-25373 have been identified," the report stated. Who is affected?

Cryptocurrency 100

Cryptocurrency Telecommunications Government Education 100

Malwarebytes

NOVEMBER 8, 2024

The Government of Canada ordered the TikTok Technology Canada Inc. The government is taking action to address the specific national security risks related to ByteDance Ltd.’s We don’t just report on threats – we help protect your social media Cybersecurity risks should never spread beyond a headline.

Media 128

Media Identity Theft Government Technology 128

Schneier on Security

JUNE 21, 2022

3(c)(7)(A)(iii) would allow a company to deny access to apps installed by users, where those app makers “have been identified [by the Federal Government] as national security, intelligence, or law enforcement risks.” 2(a)(2), the definition of business user excludes any person who “is a clear national security risk.”

Internet 332

Internet Internet Encryption Backups 332

The Hacker News

FEBRUARY 4, 2025

Taiwan has become the latest country to ban government agencies from using Chinese startup DeepSeek's Artificial Intelligence (AI) platform, citing security risks.

Artificial Intelligence 131

Artificial Intelligence Risk Government Information Security 131

SecureWorld News

NOVEMBER 18, 2024

Among the key findings: Widespread vulnerabilities: The OIG's passive assessment revealed critical or high-risk vulnerabilities in 97 drinking water systems serving more than 26.6 This is in sharp contrast to adversaries that are organized and managed by a government, rather than commercial and government cooperatives.

Cybersecurity 112

Cybersecurity Risk Penetration Testing Technology 112

Joseph Steinberg

NOVEMBER 17, 2021

He frequently serves as a cybersecurity expert witness , advises businesses and governments on information security matters, and has amassed millions of readers as a regular columnist for Forbes and Inc. His opinions are also frequently cited in books, law journals, security publications, and general interest periodicals.

Cybersecurity 363

Cybersecurity Artificial Intelligence Government Information Security 363

Adam Shostack

JANUARY 2, 2025

The Cybok project has released its v1 "Risk Management & Governance Knowledge Area"; I was a reviewer. Just what the title says. Towards Automated Security Design Flaw Detection is an interesting paper from academics in Belgium and Sweden.

Risk 130

Risk Government 130

Schneier on Security

AUGUST 2, 2023

There are two basic rules: Public companies must “disclose any cybersecurity incident they determine to be material” within four days, with potential delays if there is a national security risk. Continuous assessment of the risk reduction activities should be elevated within an enterprise risk management framework and process.

Cybersecurity 244

Cybersecurity Risk Government Accountability 244