Unpacking CISA’s AI guidelines
CISA’s late April AI and infrastructure guidelines address 16 sectors along with their cybersecurity needs and operations concerning the growth of AI as a tool to build both federal and vendor cybersecurity infrastructure in the federal marketplace.....»»
Unpacking the challenges of AI cybersecurity
As organizations handle increasing amounts of data daily, AI offers advanced capabilities that would be harder to achieve with traditional methods. In this Help Net Security video, Tyler Young, CISO at BigID, explores AI’s challenges, triumphs,.....»»
Without clear guidance, SEC’s new rule on incident reporting may be detrimental
The SEC has instituted a set of guidelines “requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and gove.....»»
Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082)
A previously patched critical vulnerability (CVE-2023-35082) affecting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core is being actively exploited, the Cybersecurity and Infrastructure Security Agency (CISA) has confirmed by adding the vuln.....»»
Guidelines for single-nanometer magnetic tunnel junction technology
Researchers at Tohoku University have developed guidelines for a single-nanometer magnetic tunnel junction (MTJ), allowing for performance tailoring to meet the requirements of diverse applications, ranging from AI/IoT to automobiles and space techno.....»»
Apple revises US App Store rules to let developers link to outside payment methods, but it will still charge a commission
In light of the US Supreme Court denying to hear Apple’s appeal in its legal battle with Epic Games, Apple has announced a handful of changes coming to the App Store Guidelines. Starting today, Apple is updating the App Store Guidelines to comply w.....»»
Unpacking social equity from biodiversity data: An interdisciplinary policy perspective
Biodiversity data collection is growing exponentially. The increase is driven in part by international commitments to conservation, market investments and technological advances, and the growing urgency of human impacts including climate change. Nati.....»»
Apple asks developers not to refer to their visionOS apps as ‘AR’ or ‘VR’
Apple on Monday confirmed that Vision Pro will arrive in stores early next month. Following this announcement, the company also released an Xcode update that lets developers submit visionOS apps to the App Store. Interestingly, new guidelines from Ap.....»»
Apple"s Legal Process Guidelines updated with stricter rules for notifications subpoena
Government notification surveillance is now more difficult with Apple's latest Legal Process Guidelines requiring court-issued search warrants.NotificationsSenator Ron Wyden revealed that the government used notification data obtained from Apple and.....»»
SCS 9001 2.0 reveals enhanced controls for global supply chains
In this Help Net Security interview, Mike Regan, VP of Business Performance at TIA, discusses SCS 9001 Release 2.0, a certifiable standard crafted to assist organizations in operationalizing the NIST and other government guidelines and frameworks. En.....»»
CISA: Adobe ColdFusion flaw leveraged to access government servers (CVE-2023-26360)
Unknown attackers have leveraged a critical vulnerability (CVE-2023-26360) in the Adobe ColdFusion application development platform to access government servers, the Cybersecurity and Infrastructure Security Agency (CISA) has shared. About the exploi.....»»
Exploring acoustic design for better, quieter prisons
Prisons are typically noisy environments, filled with clanking metal bars and echoing concrete surfaces. This level of constant noise is harmful to both prisoners and staff, but there are few guidelines for designing better, quieter facilities......»»
CyberAv3ngers hit Unitronics PLCs at multiple US-based water facilities
Iran-affiliated attackers CyberAv3ngers continue to exploit vulnerable Unitronics programmable logic controllers (PLCs), US and Israeli authorities have said in a joint cybersecurity advisory. CyberAv3ngers targeting Unitronics PLCs CISA has recently.....»»
CISA urges water facilities to secure their Unitronics PLCs
News that Iran-affiliated attackers have taken over a programmable logic controller (PLC) at a water system facility in Pennsylvania has been followed by a public alert urging other water authorities to immediately secure their own PLCs. “The c.....»»
Trying to spend less on food? Following the dietary guidelines might save you $160 a fortnight
A rise in the cost of living has led many households to look for ways to save money......»»
New multi-national AI security guidelines are toothless and weak
The United States, United Kingdom, and 16 other countries want to keep the development of AI systems secure, but a framework issued by the group offers common sense recommendations, and lacks firm action points.Introduced on Sunday by the US Cybersec.....»»
CISA offers cybersecurity services to non-federal orgs in critical infrastructure sector
The Cybersecurity and Infrastructure Security Agency (CISA) has announced a pilot program that aims to offer cybersecurity services to critical infrastructure entities as they have become a common target in cyberattacks. “In alignment with CISA.....»»
Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)
CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been patched by the company in April 2023. About CVE-2023-1671 CVE-2023-1671 is.....»»
Juniper networking devices under attack
CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday. Most of these bugs are not particularly severe by themselves, but they can be – and have been.....»»
Unpacking the challenges of anti-money laundering obligations
When managing anti-money laundering (AML) obligations, many challenger banks turn to basic or unproven in-house risk management solutions. Although these solutions can, in some ways, be innovative, they are often built quickly and lack thorough testi.....»»
Researchers publish first harmonized exposure protocol for ecotoxicity testing of micro- and nano-plastics
Plastic pollution has become a significant environmental and human health issue at a global scale. Yet despite increasing concern over the harmful effects of micro- and nano-plastics (MNPs), no harmonized guidelines or protocols for their ecotoxicity.....»»