Google is rolling out a red team charged with testing the security of AI systems by running simulated but realistic attacks to uncover vulnerabilities or other weaknesses that could be exploited by cybercriminals.

The post Google Launches Red Team to Secure AI Systems Against Attacks appeared first on Security Boulevard.

Earlier this month, Rambler Gallo pled not guilty to charges that he attempted to sabotage the water treatment facility in Discovery Bay, California. The facility provides treatment for the water and wastewater systems for the town’s 15,000 residents. An unsealed federal court indictment showed Gallo logged into the Supervisory Control and Data Acquisition (SCADA) network..

The post Insider Indicted for Attempting to Sabotage California Water Plant appeared first on Security Boulevard.

The post Understanding the Importance of a HIPAA Audit Log in Compliance appeared first on Scytale.

The post Understanding the Importance of a HIPAA Audit Log in Compliance appeared first on Security Boulevard.

The post Microsoft Lost Its Keys, Voice Cloning Scams, The Biden-Harris Cybersecurity Labeling Program appeared first on Shared Security Podcast.

The post Microsoft Lost Its Keys, Voice Cloning Scams, The Biden-Harris Cybersecurity Labeling Program appeared first on Security Boulevard.

Last week I spoke for Jersey Cyber Security Centre ( CERT.JE) about the changing threats facing us — from the very active offensive cyber campaign forming part of the war in Ukraine, to the emerging threat from AI tools that can be used for harm as well as for good.

But the important part of my comments was to show that whilst these cyber threats are real, there are sensible steps we can take to respond — we do not have to bury our heads in the sand and hope for the best.

I made the analogy of crossing a road safely. We do basic things like looking left and right consistently and well. We don’t make pedestrians wear crash helmets, reduce speed limits to 5mph, or ban people from leaving the house.

However, we also do the basics every time, not most of the time. Look left and right only 99% of the time and you will eventually be hit by a car. Not maybe — definitely.

So when we talk about basic controls — two factor authentication, rapid patching, only running supported systems, basic assurance like The IASME Consortium and the UK Government’s Cyber Essentials Plus Scheme — these are not optional, nice to have or aspirational. We can’t opt one system out because it’s difficult, inconvenient, or the CEO’s pet project. This is basic hygiene that that we can’t afford to get wrong.

If you’re a business and you are running systems without 2FA, operating unsupported hardware or software, more than 14 days behind in your security patching, or sending confidential information such as bills or passwords to your customers by email: my simple message is just stop now. If you can’t fix it, turn it off today. And if you can’t turn it off? You know you need to fix it today.

That malicious hacker, organised crime group or aggressive nation state doesn’t care about you, and they will simply run you over. So look left and right. Do the basics. Every time.

Because we’re watching.

And so are they.

Originally published at https://mattpalmer.net on July 23, 2023.

The post Crossing the road appeared first on Security Boulevard.

The Lazarus Group is behind a social engineering campaign that uses repository invitations and malicious npm packages to target developers on GitHub.

The post GitHub Developers Targeted by North Korea’s Lazarus Group appeared first on Security Boulevard.

Two banks earlier this year were the targets of open source supply chain attacks, the first of their kind in the industry.

The post Software Supply Chain Attackers Targeting Banks, Checkmarx Says appeared first on Security Boulevard.

The post Setting Up DKIM on On-Prem Exchange Servers appeared first on Security Boulevard.

The post What is a Customer Experience Reference Architecture?   appeared first on TrueFort.

The post What is a Customer Experience Reference Architecture?   appeared first on Security Boulevard.

The post AI Alone Is Not the Answer to Cybersecurity; Humans Are Needed appeared first on Pondurance.

The post AI Alone Is Not the Answer to Cybersecurity; Humans Are Needed appeared first on Security Boulevard.