Today, CISA published the Framing Software Component Transparency, created by the Software Bill of Materials (SBOM) Tooling & Implementation Working Group, one of the five SBOM community-driven workstreams facilitated by CISA. CISA’s community-driven working groups publish documents and reports to advance and refine SBOM and ultimately promote adoption. This resource serves as the detailed foundation of SBOM,…
Read MoreToday, CISA—with the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and international partners—released joint Cybersecurity Advisory Iranian Cyber Actors Brute Force and Credential Access Activity Compromises Critical Infrastructure. This advisory provides known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) used by Iranian actors to impact organizations across multiple critical…
Read More
‘AI is by far the channel’s biggest opportunity yet,’ says Google Cloud’s Erin Rifkin. Google Cloud has added four new learning paths to help developers with generative artificial intelligence skills for building applications, managing and securing machine learning models, generating content and analyzing data–especially important for the vendor’s solution providers bringing AI products and services…
Read MoreSummary The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Communications Security Establishment Canada (CSE), the Australian Federal Police (AFP), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) are releasing this joint Cybersecurity Advisory to warn network defenders of Iranian cyber actors’ use…
Read More
Oct 16, 2024Ravie LakshmananData Privacy / Passwordless The FIDO Alliance said it’s working to make passkeys and other credentials more easier to export across different providers and improve credential provider interoperability, as more than 12 billion online accounts become accessible with the passwordless sign-in method. To that end, the alliance said it has published a…
Read More
‘They have vulnerabilities that have been announced with security notices and patches that have been released, but customers haven’t updated. And the adversaries around the world are taking advantage of it—whether it’s critical infrastructure or the carrier networks or whatever,’ says Cisco CEO Chuck Robbins. Cisco Systems Chair and CEO Chuck Robbins says there is…
Read More
The North Korean hacking group ScarCruft launched a large-scale attack in May that leveraged an Internet Explorer zero-day flaw to infect targets with the RokRAT malware and exfiltrate data. ScarCruft (aka “APT37” or “RedEyes”) is a state-sponsored cyber-espionage threat actor known for targeting systems in South Korea and Europe, as well as North Korean human…
Read More
Scams Ever alert to fresh money-making opportunities, fraudsters are blending physical and digital threats to steal drivers’ payment details 15 Oct 2024 • , 5 min. read Many countries and regions across the world have been moving quickly on electric cars in recent years. Around 14 million new cars were registered in 2023 alone, a…
Read More
‘With this funding, we’re really focused on brand exposure and expansion in the U.S.,’ says Jamie Daum, Inforcer co-founder and CEO. ‘We’re attending key industry events and building relationships within the MSP communities.’ U.K.-based software company Inforcer has secured $19 million in Series A funding to support its rapid growth, product development and expansion into…
Read More
Amazon has seen massive adoption of passkeys since the company quietly rolled them out a year ago, announcing today that over 175 million customers use the security feature. “Today, we’re excited to share that more than 175 million customers have enabled passkeys on their Amazon accounts, allowing them to sign in six-times faster than they…
Read More