Security News

What role do AI and automation play in cloud communications cybersecurity, and how can these technologies be leveraged to improve security posture? AI and automation are transforming cloud communications cybersecurity by enhancing threat detection, response times and the overall efficacy and efficiency of security operations.

In this Help Net Security video, Kory Daniels, CISO at Trustwave, shines a light on the impact the current threat environment can have for both universities and students. 1.8 million devices related to the education industry are being publicly exposed globally- Ransomware attacks remain the dominant source of breaches for the education sector- Threat actors are selling VPN access to universities on the dark web- The "Russian Market" on the dark web has listed over 82,000 logs mentioning the name mit.

MITRE now offers an open-source version of its Aviation Risk Identification and Assessment software suite, OpenARIA. This initiative is dedicated to enhancing aviation safety and efficiency through the active involvement of the aviation community. The first prototype of ARIA was developed for the Federal Aviation Administration in collaboration with the FAA's Safety and Technical Training service unit Quality Assurance group, and it was introduced in October 2020.

Online graphic design platform Canva went looking for security problems in fonts, and found three - in "Strange places." Tools like FontForge and ImageMagick can rename filenames of fonts, allowing users to work within a complex naming system to better locate a desired font inside a collection.

On the government side of things, this includes a voluntary threat intelligence sharing program between the Feds and open source software developers and operators, which the US Cybersecurity and Infrastructure Security Agency will lead. "We want to help foster real-time collaboration around security incidents," CISA director Jen Easterly explained in a keynote address at the agency's Open Source Software Security Summit this week. While it's not exactly new, in 2022 NPM - which bills itself as the world's largest software registry - began requiring maintainers of high-impact projects to use MFA. Last year, NPM developed tools that allow maintainers to automatically generate package provenance and Software Bill of Materials, which allow anyone using the open source packages to trace and verify code dependencies.

The NSA and the Cybersecurity and Infrastructure Security Agency have released five joint cybersecurity bulletins containing on best practices for securing a cloud environment. Today, the NSA and CISA have issued five join documents on how to secure your cloud services using best practices.

A group of 41 US state attorneys general, tired of serving as a customer complaint clearinghouse for Facebook and Instagram users, have sent a letter to Meta asking it to figure out how to reduce a "Dramatic and persistent spike" in account takeovers. In a letter [PDF] dated March 5, the AGs said their offices have received skyrocketing complaints from Facebook and Instagram users about account takeovers and lockouts since 2022.

The National Cyber Security Centre of Switzerland has released a report on its analysis of a data breach following a ransomware attack on Xplain, disclosing that the incident impacted thousands of sensitive Federal government files. The Swiss government started investigating the leaked files and instantly admitted that the leaked data might contain documents belonging to the Federal Administration of Switzerland.

Millions of Chrome users now have a way to guard against the threat of extension subversion, that is, if they don't mind installing yet another browser extension. As we reported last August, those who develop Chrome extensions that become popular often receive solicitations to sell their code or to partner with a third-party in order for the new owner or partner to insert dubious, scammy, or malicious code in the extension.

A criminal claiming to be an ALPHV/BlackCat affiliate - the gang responsible for the widely disruptive Change Healthcare ransomware infection last month - may have ties to Chinese government-backed cybercrime syndicates. "Some of our HUMINT sources with direct contact to Notchy says it's high probability that Notchy is associated with China Nation-State groups," Menlo's threat intel team said in a report Wednesday.