Security Bulletin

What was seen and heard at the 2023 edition of the Singapore FinTech Festival? Read my recap of the conference.

AI has tremendous potential to improve efficiency and outcomes in the public and private sectors. A holistic approach to AI and security is critical to achieving the potential of AI while minimizing the risks.

Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review...

Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, and macOS Sonoma. A cyber threat actor could exploit one of these vulnerabilities to obtain sensitive information. CISA encourages users and administrators to...

NB: This document is retained for historical interest only as "named" and "dig" have supported TLS natively since BIND release 9.17.7. RFC 7858 specifies DNS over TLS (Transport Layer Security). There are multiple ways to implement DoT. One...

Here are four action items security teams can set around generative AI in 2024.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

State CISOs and cybersecurity task forces are grappling with the best ways to use federal grant money to keep their citizens safe online.

The update to the company's Vulnerability Rating Taxonomy offers vulnerability researchers a framework for assessing and prioritizing vulnerabilities in large language models.