TU/e – Netwerk TU/e uit de lucht gehaald, maandag geen onderwijs
“De TU/e heeft vandaag (zondag 12 januari) het netwerk offline gehaald, vanwege een cyberaanval. Daardoor zijn of worden netwerkgebonden systemen van de TU/e voorlopig voor gebruikers onbereikbaar en zijn er geen onderwijsactiviteiten mogelijk, in ieder geval tot en met maandag. “
Forbes – Why Cryptographic Agility Needs To Be A Top Cybersecurity Priority
“Organizations should implement a crypto-agility approach to develop a migration plan for deploying quantum-resistant certificates. “
Forbes – What Boards Of Directors Should Know About Their Organization’s AI Usage
“Organizations might feel pressure to jump on the AI bandwagon given the technology’s growing popularity, but infusing AI into a company’s business model needs to be intentional and in support of the company’s overarching business goals.” “Does the organization have a policy in place that addresses the acceptable use of AI? What are potential risk […]
ISACA – Can Hardening Reduce Cyberrisk?
“An often overlooked means to significantly reduce risk has been hardening systems, technologies, and network infrastructure. “
Cybersecurity Dive – Memory-unsafe code runs rampant in critical open-source projects
“CISA and the FBI are part of an international effort to eliminate memory-unsafe languages which were found in more than half of critical open-source projects.”
The Hacker New: New Research Warns About Weak Offboarding Management and Insider Risks
“Employee offboarding is typically seen as a routine administrative task, but it can pose substantial security risks, if not handled correctly. Failing to quickly and thoroughly remove access for departing employees introduces serious insider threats, leaving a company vulnerable to multiple kinds of risks, such as data breaches, intellectual property theft, and regulatory non-compliance. “
Axios: Generative AI’s privacy problem
“Privacy is the next battleground for the AI debate, even as conflicts over copyright, accuracy and bias continue.“
CSY – Over de risico’s van phishing e-mails en ransomware – Casus: de hack bij Maastricht University
Een overzicht van de UMaastricht rasomware aanval in 2019, dit in 14 handige slides (met enkele interessante tests).
TechCrunch – ChatGPT is violating Europe’s privacy laws, Italian DPA tells OpenAI
“OpenAI has been told it’s suspected of violating European Union privacy, following a multi-month investigation of its AI chatbot, ChatGPT, by Italy’s data protection authority.”
Helpnetsecurity – What makes ransomware victims less likely to pay up?
“There’s a good reason why ransomware gangs started exfiltrating victims’ data instead of just encrypting it: those organizations pay more.”