SecurityCentric is your source for Blog Aggregation in the Security industry

Short Takes 4-25-24

Dairy Cows Transported Between States Must Now Be Tested for Bird Flu. NYTimes.com article (free link). Pull quote: "While testing more cows is critical, so is reducing the risk of infection among dairy workers regularly exposed to fresh milk now thought to contain extensive virus," said Seema Lakdawala, a virologist at Emory University. GPT-4 Can E...

Chemical Facility Security News 11 hours, 26 min ago

8 Best Natural Language Processing Tools 2024

Natural language processing (NLP) tools are software applications that can process and analyze text or speech in standard conversation format. The advantage offered by NLP is that users can interact with artificial systems without needing to input software code or other complex commands. To accomplish this, NLP tools leverage machine learning algor...

Security - RSS Feeds 15 hours, 33 min ago

CG Report for 2023 Cyber Trends in Maritime Environment

I ran into an interesting article over on IndustrialCyber.co looking at the recently released report from the Coast Guard Cyber Command. That report, 2023 Cyber Trends and Insights in the Marine Environment Report, takes a look at last year's trends in maritime cybersecurity. It is a 60-page report with lots of detail, so it is well worth reading. A...

Chemical Facility Security News 16 hours, 2 min ago

Review - 4 Advisories and 4 Updates Published

Today, CISA's NCCIC-ICS published four control system security advisories for products from Honeywell, Siemens and Hitachi Energy (2). They also updated advisories for products from Mitsubishi (2), Rockwell and Chirp Systems. Advisories Honeywell Advisory - This advisory describes 16 vulnerabilities in multiple Honeywell products. Siemens Advisor...

Chemical Facility Security News 18 hours, 56 min ago

Review - S 4045 Introduced East Palestine Health Monitoring

Last month, Sen Vance (R,OH) introduced S 4045, the East Palestine Health Impact Monitoring Act of 2024. The bill would require HHS to conduct a study on the health effects of the 2023 East Palestine, OH train derailment. The bill would authorize $2 million per year through 2028 for the study. Moving Forward While Vance is not a member of the Sen...

Chemical Facility Security News 22 hours, 3 min ago

"Junk gun" ransomware: the cheap new threat to small businesses

What's going on? A wave of cheap, crude, amateurish ransomware has been spotted on the dark web - and although it may not make as many headlines as LockBit, Rhysida, and BlackSuit, it still presents a serious threat to organizations. What's "junk gun" ransomware? It's a name coined by Sophos researchers for unsophisticated ransomware that is oft...

Review - S 3773 Introduced HHS Cybersecurity Testing

In February, Sen Rubio (R,FL) introduced S 3773, the Strengthening Cybersecurity in Health Care Act. The bill would require the Health and Human Service Department Inspector General to conduct penetration tests and other testing procedures to determine how systems processing, transmitting, or storing mission critical or sensitive data by, for, or o...

Chemical Facility Security News 23 hours, 31 min ago

Short Takes 4-25-24 - Space Geek Edition

A NASA rover has reached a promising place to search for fossilized life on Mars. Phys.org article. Pull quote: Mars sample return remains NASA's highest planetary science priority and is strongly supported by the planetary science community around the world. The samples from Perseverance may revolutionize our view of life in the universe. Even if ...

Short Takes 4-24-24

E. coli engineered to become methanol addict to make industry feedstocks. ChemistryWorld.com article. A little biochem geeky stuff. Pull quote: Lead author Julia Vorholt at ETH Zurich says the first step was to get E. coli addicted to methanol. If you make a mutation in a certain gene then [E. coli] needs to make a little bit of biomass for some sp...

How to Use AI in Sales: Top Strategies, Examples, and Tools

Seeking ways on how to use AI in sales? Step into the future of sales with AI-driven techniques. The post How to Use AI in Sales: Top Strategies, Examples, and Tools appeared first on eWEEK.

Consideration - HR 3935 FAA Reauthorization

Yesterday, the Senate resumed consideration of the motion to proceed to consideration of H.R. 3935. Sen Schumer (D,NY) entered a motion to close further debate on the motion to proceed to consideration of the bill. The vote on that cloture motion will take place when the Senate returns on March 30th, 2024, after the vote on the Georgia N. Alexakis ...

Review - CSB Updates Accidental Release Reporting Data 4-19-24

Yesterday in preparation for their quarterly business meeting tomorrow, the CSB updated their published list of reported chemical release incidents. They added 26 new incidents that occurred since the previous version was published in January and inserted eight new incidents that occurred before January. These are not incidents that the CSB is inve...

UK IT Leaders Are Prioritizing Cybersecurity: But Is This a Good Thing?

Tech leaders taking cybersecurity seriously is something of a double-edged sword. While it's undoubtedly good that organizations are waking up to the genuine threat cyberattacks pose, it's depressing that they must siphon off so many resources to protect themselves rather than using them for growth and innovation. A recent survey of UK technology lea...

"All for One and One for All": The EU Cyber Solidarity Act Strengthens Digital Defenses

Alexandre Dumas's timeless novel "The Three Musketeers" immortalized the ideal of unyielding solidarity, the enduring motto "All for one and one for all." In the face of ever-evolving threats in the digital realm, the European Union echoes this spirit with its landmark Cyber Solidarity Act. This new legislation recognizes that collective defense i...

Short Takes 4-23-24

Russia-linked hacking group claims to have targeted Indiana water plant. CNN.com article. Pull quote: "While the video is sensational, the actions taken by the threat actor are amateur and would amount to a minor annoyance for plant operators," Fabela, who is CEO of Infinity Squared Group, a consulting firm, told CNN. A powerful volcano is erupting....

Review - 2 Updates Published 4-23-24

Today, CISA's NCCIC-ICS published updates for two control system security advisories for products from Chirp Systems and Mitsubishi Electric. Updates Chirp Systems Update - This update includes additional information on an advisory that was originally published on March 7th, 2024. Mitsubishi Update - This update includes additional information on...

Creating a Winning AI Business Strategy: 8 Steps

Developing a competitive artificial intelligence business strategy has quickly become an essential leadership strategy as AI has grown into an indispensable business tool. Businesses from all different industries are incorporating new enterprise AI use cases in their workflows to improve products and disrupt their respective industries. To keep up ...

Enhancing Endpoint Security with Advanced Host-Based Intrusion Detection Capabilities

In 2023, companies lost about $4.45 million on average because of data breaches. As cyber threats advance, securing endpoints is more important than ever. An advanced Host-based Intrusion Detection System (HIDS) provides a sturdy remedy to improve endpoint security. By monitoring and examining system responses and device status, HIDS identifies an...

University Cybersecurity Clinics Can Now Use the New CISA Resource Guide

Budgetary and resource constraints play a huge role in cyberattacks on smaller organizations. Amidst a strained global economy, many under-resourced organizations like non-profits, local governments, and hospitals struggle to keep their heads above water - they simply don't have the funds to invest in cybersecurity. To make matters worse, cybercrim...

Short Takes 4-22-24

Syphilis case increase sparks Colorado public health order. TheHill.com article. Pull quote: "People should know that this is a treatable disease for adults. A course of penicillin generally does the trick. Some adults have very mild symptoms, there's a lack of diagnosis, others who were symptomatic and treated with penicillin," Polis said. But the re...

6 Best Prompt Engineering Tools in 2024

Prompt engineering tools are software platforms that help business owners, content creators and prompt engineers craft effective prompts that maximize output from their large language models (LLMs) and generative AI tools. In other words, the best prompt engineering tools provide you with the instructions and support for getting your AI tools to cr...

Spouse's Failure to Pay Taxes is No Excuse

I have seen it time and again where security clearance applicants who are denied eligibility based on financial issues claim the reason for the delinquent debts is because the spouse was in charge of the finances, and they thought all the bills and taxes were being taken care of. A recent Defense

Review - S 3943 Introduced ANCHOR Act

Last month, Sen Padilla (D,CA) introduced S 3943, the Accelerating Networking, Cyberinfrastructure, and Hardware for Oceanic Research (ANCHOR) Act. The bill would require the National Science Foundation (NSF) to submit a plan to improve the cybersecurity and telecommunications of the Academic Research Fleet. No new funding is authorized by the legi...

Short Takes 4-22-24 - Space Geek Edition

Dragonfly: NASA Just Confirmed The Most Exciting Space Mission Of Your Lifetime. Forbes.com article. Pull quote: Titan is the only other world in the solar system other than Earth that has weather and liquid on its surface. It has an atmosphere, rain, lakes, oceans, shorelines, valleys, mountain ridges, mesas and dunes - and possibly the building bloc...

Senate Began Consideration - HR 3935 FAA Reauthorization

On Friday, the Senate began debate on the consideration of HR 3935, the Securing Growth and Robust Leadership in American Aviation Act. That debate continued on Saturday. Debate will resume on Tuesday. No amendments have been submitted. No real action will occur until the Senate comes back from their upcoming recess on April 29th.

Exploring Cybersecurity Risks in Telemedicine: A New Healthcare Paradigm

The experience of seeing a doctor has transformed dramatically, thanks in part to the emergence of telemedicine. This digital evolution promises convenience and accessibility but brings with it a host of cybersecurity risks that were unimaginable up until a few years ago. The unique cybersecurity challenges facing telemedicine today underscore the ...

NSA Debuts Top 10 Cloud Security Mitigation Strategies

As businesses transition to hybrid and multi-cloud setups, vulnerabilities arising from misconfigurations and security gaps are escalating, attracting attention from bad actors. In response, the US National Security Agency (NSA) issued a set of ten recommended mitigation strategies, published earlier this year (with support from the US Cybersecurit...

CISA Publishes Secure Your Chemicals: Potential Threats

Recently, CISA added a new infographic to their stable of publications supporting the two agency chemical security programs, the currently inactive Chemical Facility Anti-Terrorism Standards (CFATS) program and the voluntary ChemLock program. The new SECURE CHEMICALS: POTENTIAL THREATS page shows a brief overview of the potential threats to chemica...

Chemical Incident Reporting - Week of 4-13-24

NOTE: See here for series background. Moosic, PA 4-15-24 Local news reports: Here, here, and here. Ammonia storage tank leak at food processing facility. 14 transported to hospital for ammonia exposure. Possible CSB reportable if any of the patients were admitted to the hospital. Naperville, IL 4-15-24 Local news reports: Here, here, and he...

GAO Reports - Week of 4-13-24 - Federal Cybersecurity EO Actions

This week, the Government Accountability Office (GAO) published a report on Cybersecurity - Implementation of Executive Order Requirements Is Essential to Address Key Actions. The report looks at the implementation of EO 14028 in CISA, NIST, and OMB. The table below shows the GAO's assessment of EO 14028 leadership and oversight requirements (see A...

CRS Reports - Week of 4-13-24 - Congressional Disapproval

This week, the Congressional Research Service (CRS) published a report on The Congressional Review Act: Defining a Rule and Overturning a Rule an Agency Did Not Submit to Congress. The 118th Congress has been fairly active in submitting and passing bills to overturn agency actions. This report outlines the processes under the Congressional Review A...

Transportation Chemical Incidents - Week of 3-16-24

Reporting Background See this post for explanation, with an update here (removed from paywall). Data from PHMSA's online database of transportation related chemical incidents that have been reported to the agency. Incidents Summary Number of incidents 470 (460 highway, 9 air, 1 rail) Serious incidents 4 (3 Bulk release, 0 injuries, 0 deaths...

Review - Public ICS Disclosures Week of 4-13-24

This week we have nine vendor disclosures from Hitachi, HPE (4), Peplink, Philips, and Rockwell (2). There are also five vendor updates from B&R (2), Contec, HPE, and Palo Alto Networks. We also have eleven researcher reports about vulnerabilities in products from Elber (10) and Silicon Labs. Finally, we have two exploits for products from Palo...

Short Takes 4-19-24

The Trump Jury Has a Doxing Problem. Wired.com article. To be fair, should read "Potential Doxing Problem". Pull quote: "Armed with basic personal details about jurors and certain tools and databases, an OSINT researcher could potentially uncover a significant amount of personal information by cross-referencing all this together," Diachenko says. That...

Siemens Publishes Out-of-Zone Advisory 4-19-24

Today, ten days after the publication of their monthly tranche of security advisories and updates, Siemens published a control system security advisory that discusses a command injection vulnerability in their RUGGEDCOM APE1808 devices configured with Palo Alto Networks Virtual NGFW. This is a third-party (Palo Alto Networks) vulnerability that is ...

What is Retrieval Augmented Generation? How it Works & Use Cases

Retrieval-augmented generation, or RAG, is a technique for enhancing the output of large language models by incorporating information from external knowledge bases or sources. By retrieving relevant data or documents before generating a response, RAG improves the generated text's accuracy, reliability, and informativeness. This approach helps groun...

OMB Approves DOE's Foreign Entity Final Rule

Yesterday, the OMB's Office of Information and Regulatory Affairs (OIRA) announced that it had approved a final rule for the DOE on U.S. Department of Energy Interpretation of Foreign Entity of Concern. The rule was submitted to OIRA on March 21st, 2024. This rulemaking was not listed in the Fall 2023 Unified Agenda. This rulemaking will probably b...

OMB Approves EPA's Methylene Chloride Final Rule

Yesterday, the OMB's Office of Information and Regulatory Affairs (OIRA) announced that it had approved a final rule for the EPA on Methylene Chloride (MC); Regulation Under the Toxic Substances Control Act (TSCA). The final rule was submitted to OIRA on January 24th, 2024. The notice of proposed rulemaking was published on May 3rd, 2023. According...

Bills Introduced 4-18-24

Yesterday, with both the House and Senate in session, there were 76 bills introduced. One of those bills will receive additional attention in this blog: HR 8070 To authorize appropriations for fiscal year 2025 for military activities of the Department of Defense, for military construction, and for defense activities of the Department of Energy, to...

Short Takes 4-18-24

The race to produce rare earth elements. TechnologyReview.com article. Pull quote: That technology extracts rare earth elements from coal ash, leaving behind a solution rich in those elements and a residual solid containing iron and other metals. Through sequential steps of heating and cooling, rare earths are transferred into an ionic liquid - a salt...

Ultimate Guide to AI Deepfake Technology

A deepfake is a type of synthetic media where the likeness of someone in an existing image or video is replaced with someone else's likeness using artificial intelligence. This technology utilizes sophisticated AI algorithms to create or manipulate audio and video content with a high degree of realism. Deepfake technology represents one of the most ...

Review - 1 Advisory and 2 Updates Published 4-18-24

Today, CISA's NCCIC-ICS published a control systems security advisory for products from Unitronics. They also updated two advisories for products from Mitsubishi. Advisories Unitronics Advisory - This advisory describes a storing passwords in a recoverable format vulnerability in the Unitronics Vision Standard PLCs. Updates Mitsubishi Update #1 ...

Prevent Generative AI Data Leaks with Chrome Enterprise DLP

Posted by Kaleigh Rosenblat, Chrome Enterprise Senior Staff Software Engineer, Security Lead. Generative AI has emerged as a powerful and popular tool to automate content creation and simple tasks. From customized content creation to source code generation, it can increase both our productivity and creative potential. Businesses want to leverage t...

37 Arrested as Police Smash LabHost International Fraud Network

Police have successfully infiltrated and disrupted the fraud platform "LabHost", used by more than 2,000 criminals to defraud victims worldwide. A major international operation, led by the UK's Metropolitan Police, has seized control of LabHost, which has been helping cybercriminals create phishing websites since 2021 to steal sensitive information...

Short Takes 4-18-24 - Space Geek Edition

Launch of a Reentry Vehicle as a Payload That Requires a Reentry Authorization To Return to Earth. Federal Register FAA notice. Summary: This action provides notice that in general, the FAA will not authorize launch of a reentry vehicle as a payload that will require a reentry authorization to return to Earth unless the reentry vehicle operator has...

Supply Chain Cybersecurity - the importance of everyone

I'm always surprised and a little disappointed at how far we have to go before supply chain cybersecurity gets the respect and attention it deserves. I sat down this week with a new client who wanted some help addressing several internal issues surrounding their IT systems. When I asked them about their relationship with the supplier - essentially,...

Short Takes 4-17-24

"It's an efficient machine to destroy nuclear waste": nuclear future powered by thorium beckons. ChemistryWorld.com article. Pull quote: The company's concept combines a particle accelerator called a cyclotron with a subcritical lead-cooled reactor. It's built with about 3% missing neutrons which is a very important safety feature for us if you pull th...

AI Model Optimization: 6 Key Techniques

Empower your AI with optimization. Discover 6 strategies to enhance efficiency through AI model optimization. The post AI Model Optimization: 6 Key Techniques appeared first on eWEEK.

Review - S 3959 Introduced TWIC-HME Applications

Last month, Sen Wicker (R,MS) introduced S 3959, the Transportation Security Screening Modernization Act. The bill would require the TSA to take actions (potentially including issuing an interim final rule) to streamline the procedures for individuals applying for or renewing enrollment in more than one TSA security threat assessment program, in pa...
