International

* Safeguards on general purpose artificial intelligence * Limits on the use of biometric identification systems by law enforcement * Bans on social scoring and AI used to manipulate or exploit user vulnerabilities * Right of consumers to launch complaints and receive meaningful explanations On Wednesday, Parliament approved the Artificial …

CISA released 15 advisories about Industrial Control Systems (ICS) on March 14, 2024. The advisories include important information about security issues, vulnerabilities, and exploits related to ICS. ICSA-24-074-01 Siemens SENTRON 7KM PAC3x20 ICSA-24-074-02 Siemens Solid Edge ICSA-24-074-03 Siemens SINEMA Remote Connect Server ICSA-24-074-04 Siemens SINEMA Remote Connect Client ICSA-24-074-05 Siemens …

Cybersecurity attacks are always changing, and it’s important to detect them quickly. To keep up with hackers, Google Safe Browsing now offers real-time URL protection for Chrome users on desktop or iOS. Additionally, Chrome for iOS has new password protections to help you navigate the web securely. Real-time protection through …

The Federal Communications Commission voted to start a program for labeling wireless consumer Internet of Things products with strong cybersecurity. This means that products meeting these standards will have a “U.S Cyber Trust Mark” label, helping consumers make better choices and encouraging manufacturers to improve cybersecurity. The Commission has adopted …

FortiGuard Labs found a phishing campaign that tricks users into downloading a malicious Java downloader to spread new VCURMS and STRRAT remote access trojans. The attackers stored malware on public services like Amazon Web Services (AWS) and GitHub to avoid detection. They used email as its command and control throughout …

The NSA released a list of ten recommended security strategies for cloud customers. The advisory, published on March 7, 2024, includes ten strategies for cloud security, identity and access management, data security practices, and network segmentation. CISA supported the NSA with six out of ten strategies for cybersecurity and infrastructure …

FortiGuard Labs found a threat using a harmful PDF to spread the CHAVECLOAK banking Trojan. The attack involves the PDF downloading a ZIP file and then using DLL side-loading to run the malware. CHAVECLOAK targets Brazilian users to steal financial information. Figure 1 shows the detailed flow of this cyber …

The NSA and CISA have released five bulletins on securing a cloud environment. Cloud services are very popular for businesses because they offer managed servers, storage, and applications without the need to manage their own infrastructure. Many enterprise application developers now offer both on-premise and cloud-hosted versions of their services. …

The Canadian Supreme Court ruled that police must have a warrant before asking for the internet protocol address of Canadians. The Supreme Court ruled 5-4 that Canadians have privacy rights protected by the Charter when police ask for information about their online activities. “Personal privacy is vital to individual dignity, …

NIST has released its Cybersecurity Framework 2.0 after several years of consideration. The new framework expands its recommendations to cover the concerns of organizations beyond critical infrastructure. NIST issued the first CSF in 2014, in response to a presidential executive order, to assist organizations, particularly critical infrastructure, in managing cybersecurity …