#public-sector-cybersecurity
#public-sector-cybersecurity

Information security

US push to counter hackers draws industry deeper into offensive cyber debate

fromnews.bitcoin.com

Cryptocurrency

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

fromwww.theguardian.com

Artificial intelligence

US summoned bank bosses to discuss cyber risks posed by Anthropic's latest AI model

Healthcare

Healthcare Executives Face a New Era of Personal Risk

Healthcare executives face heightened personal risks due to grievance-motivated cyber threats amid economic pressures and public accountability.

fromZDNET

Your router may be vulnerable to Russian hackers, FBI warns: 5 steps to take now

FBI and NSA warn of Russian hackers targeting vulnerable routers, urging users to update firmware and strengthen passwords.

Privacy technologies

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

US push to counter hackers draws industry deeper into offensive cyber debate

The U.S. government seeks private sector involvement in cyber defense, but clarity on offensive roles remains uncertain.

Cryptocurrency

fromnews.bitcoin.com

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.

fromwww.theguardian.com

US summoned bank bosses to discuss cyber risks posed by Anthropic's latest AI model

US Treasury secretary convened bank chiefs to address cybersecurity risks from Anthropic's AI model, Claude Mythos, which poses unprecedented threats.

Healthcare

Healthcare Executives Face a New Era of Personal Risk

Healthcare executives face heightened personal risks due to grievance-motivated cyber threats amid economic pressures and public accountability.

fromZDNET

Your router may be vulnerable to Russian hackers, FBI warns: 5 steps to take now

FBI and NSA warn of Russian hackers targeting vulnerable routers, urging users to update firmware and strengthen passwords.

Artificial intelligence

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

fromwww.npr.org

US news

How AI is getting better at finding security holes

Artificial intelligence

These niche AI startups are trying to protect the Pentagon's secrets | Fortune

fromIntelligencer

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

What Are Security Experts Saying About Claude Mythos and Project Glasswing?

Claude Mythos Preview enhances vulnerability detection but poses risks if misused by cybercriminals, prompting Anthropic to limit its public release.

fromFast Company

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

fromwww.npr.org

US news

How AI is getting better at finding security holes

These niche AI startups are trying to protect the Pentagon's secrets | Fortune

AI companies face challenges in balancing technology use with government secrecy, highlighted by Anthropic's conflict with the Pentagon.

fromIntelligencer

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

What Are Security Experts Saying About Claude Mythos and Project Glasswing?

Claude Mythos Preview enhances vulnerability detection but poses risks if misused by cybercriminals, prompting Anthropic to limit its public release.

Trump Admin Seeks Sweeping Access to Federal Workers' Health Records

The Trump administration seeks access to detailed medical records of federal workers and retirees, raising concerns about privacy and data security.

Washington DC

DHS intelligence office restructuring would still keep it under ODNI oversight

The White House plans to restructure DHS's intelligence unit while maintaining its oversight under the Office of the Director of National Intelligence.

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Visibility through security measures can deter undesirable behavior and enhance safety in challenging situations.

Careers

Businesses are paying the price for CISO burnout | Computer Weekly

Burnout among CISOs poses significant risks to businesses, driven by overwhelming responsibilities and rising cyber threats.

Law

fromIndependent

Computer engineer claims he was penalised for flagging Israeli links of firm given 'bananas' server access at top Irish cybersecurity company

A cyber-security firm reprimanded an engineer for discriminatory comments regarding an Israeli company's access to its servers amid concerns about Palestinian genocide.

#digital-sovereignty

EU data protection

Breaking the stranglehold: Responses to data sovereignty risk | Computer Weekly

UK and EU initiatives aim to enhance digital sovereignty and reduce reliance on US cloud providers.

DevOps

The digital sovereignty dilemma is a false choice - here's how enterprises can have both | Fortune

EU data protection

Breaking the stranglehold: Responses to data sovereignty risk | Computer Weekly

UK and EU initiatives aim to enhance digital sovereignty and reduce reliance on US cloud providers.

DevOps

The digital sovereignty dilemma is a false choice - here's how enterprises can have both | Fortune

Organizations must ensure digital sovereignty by balancing local control with global technology access to remain resilient and competitive.

more#digital-sovereignty

Education

School's Out, But Security's Not: Preparing for K-12 Summertime Security

Summer vacation does not reduce security threats in K-12 environments; instead, the nature of risks changes significantly.

fromThe Cipher Brief

Why Australia Needs a National Spy Museum

Many of the foundations that have underpinned Australia's security, prosperity and democracy are being tested: social cohesion is eroding, trust in institutions is declining, intolerance is growing, even truth itself is being undermined by conspiracy, mis- and disinformation.

World politics

'This utter lack of communication and consultation flies in the face of federal law': states push against immigration detention plans | Fortune

ICE purchased a 418,000-square-foot warehouse in Surprise, Arizona, for $70 million, with plans for a processing site capable of handling 1,000 to 1,500 immigrants daily.

US politics

Data science

UK National Data Library plan needs work, study finds

The UK's National Data Library needs improved dataset accessibility to support AI development and meaningful analysis.

Trump proposes cutting CISA election security program in FY27 budget

The Trump administration plans to cut $700 million from CISA, significantly impacting election security and infrastructure protection programs.

White House Seeks to Slash CISA Funding by $707 Million

The Trump administration proposes a $707 million budget cut for CISA to refocus on core missions and eliminate inefficiencies.

Trump's Proposed CISA Cuts Spark Alarm Among Cybersecurity Experts

Proposed budget cuts to CISA raise concerns about U.S. cybersecurity readiness against increasing digital threats.

Information security

Is Renewing CISA Enough to Restore Confidence for Cyber Threat Reporters?

Trump proposes cutting CISA election security program in FY27 budget

The Trump administration plans to cut $700 million from CISA, significantly impacting election security and infrastructure protection programs.

White House Seeks to Slash CISA Funding by $707 Million

The Trump administration proposes a $707 million budget cut for CISA to refocus on core missions and eliminate inefficiencies.

Trump's Proposed CISA Cuts Spark Alarm Among Cybersecurity Experts

Proposed budget cuts to CISA raise concerns about U.S. cybersecurity readiness against increasing digital threats.

Information security

Is Renewing CISA Enough to Restore Confidence for Cyber Threat Reporters?

more#cisa

#fraud-prevention

Non-profit organizations

The war against fraud should be a war for tech modernization

A new task force aims to combat fraud in public benefits programs by ensuring adequate anti-fraud controls and addressing data sharing challenges.

MITRE Releases Fight Fraud Framework

MITRE released the Fight Fraud Framework to help organizations combat fraud through a behavior-based model of fraud tactics and techniques.

Non-profit organizations

The war against fraud should be a war for tech modernization

A new task force aims to combat fraud in public benefits programs by ensuring adequate anti-fraud controls and addressing data sharing challenges.

MITRE Releases Fight Fraud Framework

MITRE released the Fight Fraud Framework to help organizations combat fraud through a behavior-based model of fraud tactics and techniques.

more#fraud-prevention

13 hours ago

Adobe Patches Reader Zero-Day Exploited for Months

Adobe released emergency patches for a critical zero-day vulnerability in Acrobat and Reader that has been exploited for several months.

US news

Top Secret Clearance Holder Charged With Leaking Classified National Defense Information

Courtney Williams was arrested for allegedly sharing classified national defense information with unauthorized individuals, including a journalist, from 2022 to 2025.

#data-security

fromTechzine Global

Healthcare

Hospital modernizes data protection with Synology ActiveProtect

Data is a strategic asset and a strategic vulnerability

Data is a primary strategic asset in national security, transforming into both a powerful tool and a critical vulnerability.

fromTechzine Global

Healthcare

Hospital modernizes data protection with Synology ActiveProtect

Data is a strategic asset and a strategic vulnerability

Data is a primary strategic asset in national security, transforming into both a powerful tool and a critical vulnerability.

more#data-security

#data-breach

Capita's pension portal exposes civil servants' private data

Capita limited online functionality of the Civil Service Pensions Scheme member portal after a data breach exposed personal information of public sector workers.

fromTechCrunch

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

Capita's troubled Civil Service Pension Scheme hit by data breach | Computer Weekly

A data breach exposed personal information of nearly 140 members of the UK Civil Service Pension Scheme.

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

Capita's pension portal exposes civil servants' private data

Capita limited online functionality of the Civil Service Pensions Scheme member portal after a data breach exposed personal information of public sector workers.

fromTechCrunch

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

Capita's troubled Civil Service Pension Scheme hit by data breach | Computer Weekly

A data breach exposed personal information of nearly 140 members of the UK Civil Service Pension Scheme.

fromPrivacy International

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

ICE acknowledges it is using powerful spyware

ICE is using spyware tools to intercept encrypted messages to combat fentanyl trafficking.

US news

Dangerous data

US police misuse warrantless access to personal data, leading to wrongful arrests and life-altering consequences for innocent individuals.

Podcast

What Does It Take to Be an Outstanding CSO or CISO?

Outstanding security leaders often come from non-traditional backgrounds, with 40% of recent CSO-CISO Hall of Fame honorees starting in the private sector.

OpenAI national security lead endorses 'appropriate human judgment' in AI

Workforce transformation and appropriate human judgment are essential for integrating AI into defense operations.

New contract for background investigations raises concerns about scale and risk

DCSA is modernizing its Case Processing Operations Center to enhance background investigations and incorporate Continuous Vetting for national security.

fromElectronic Frontier Foundation

Banning New Foreign Routers Mistargets Products to Fix Real Problem

The FCC has banned foreign-made routers from U.S. sale due to security concerns, impacting consumer options without effectively addressing vulnerabilities.

fromTNW | Offers

10 Best SOC 2 Compliance Software for 2026

SOC 2 compliance software automates security controls, streamlining the audit process and ensuring readiness in weeks instead of months.

Your AI Governance Can't Wait. Here's Where to Start. - TechRepublic

AI governance is essential for organizations to confidently deploy AI and avoid significant risks.

Hungary officials used weak passwords exposed in breach dump

An investigation by Bellingcat has uncovered close to 800 Hungarian government email and password pairings circulating in breach dumps, cutting across nearly every major ministry, from defense and foreign affairs to finance.

Information security

Physical Security in Global Arenas: How AI Improves Security at Scale

Agentic physical security uses AI to transform surveillance into proactive threat prevention at large events.

fromEntrepreneur

How to Turn Security From a Bottleneck Into a Revenue Driver

Deals stall due to buyers' inability to quickly verify security, not lack of security itself.

Why Operationalizing AI Security Is the Next Great Enterprise Hurdle

Security operations lag behind rapid tech advancements, leading to inefficiencies and risks in managing numerous security tools.

#fbi

FBI Declares Surveillance System Breach a 'Major Incident'

A China-linked breach of an FBI surveillance system has been classified as a major incident, posing significant risks to US national security.

Breach of FBI Surveillance System Considered a "Major Incident," Security Experts Weigh In

FBI confirms major breach of surveillance system, exposing sensitive data and potentially revealing criminal probes and surveillance targets.

FBI Declares Surveillance System Breach a 'Major Incident'

A China-linked breach of an FBI surveillance system has been classified as a major incident, posing significant risks to US national security.

Breach of FBI Surveillance System Considered a "Major Incident," Security Experts Weigh In

FBI confirms major breach of surveillance system, exposing sensitive data and potentially revealing criminal probes and surveillance targets.

Rolling out AI? 5 security tactics your business can't get wrong - and why

AI's useful capabilities also make it exploitable, requiring professionals to balance security with competitive implementation through knowledge sharing, partnerships, and automation.

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.

fromInfoWorld

The agent security mess

Most granted permissions are unused by humans, but AI agents will exploit them, leading to significant security risks.

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE

Nine vulnerabilities in the Orthanc DICOM server allow attackers to crash servers, leak data, and execute arbitrary code remotely.

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

fromElectronic Frontier Foundation

Yikes, Encryption's Y2K Moment is Coming Years Early

Google has moved its quantum preparedness deadline for cryptography to 2029 due to advancements in technology.

The Hidden Security Risks of Shadow AI in Enterprises

Shadow AI poses significant risks by allowing unregulated use of AI tools that can expose sensitive data and weaken security controls.

The New Battleground of Cybersecurity

I've always had what I would consider a hacker mindset, a curiosity to take things apart, understand them, and use that knowledge to solve problems. That mindset took me on a circuitous route into the cybersecurity industry; after being kicked out of high school for hacking computer systems, I worked a range of jobs, managing office supply companies by day and cracking Wi-Fi networks by night until I started a Digital Forensics degree which led me to the world of security research.

Science

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

fromMedCity News

3 weeks ago

The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals - MedCity News

Organizations must combine strong controls with comprehensive employee training and accountability culture to effectively protect sensitive data and comply with evolving privacy laws.

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.

Critical Flowise Vulnerability in Attacker Crosshairs

A critical vulnerability in Flowise allows remote code execution, posing severe security risks to systems and sensitive data.

World Cloud Security Day: Breaking Down the State of the Cloud Cybersecurity and Physical Security

"World Cloud Security Day is a useful reminder to recognize how much cloud risk now comes down to everyday access decisions and overlooked misconfigurations," says James Maude, Field CTO at BeyondTrust.

Information security

fromSilicon Canals

When militaries share data centers with banks: how Gulf strikes exposed a structural flaw in global cloud infrastructure - Silicon Canals

When civilian banks, logistics platforms, and payment processors share physical data center infrastructure with military AI systems, those facilities become legitimate military targets under international humanitarian law - and the civilian services housed inside lose their legal protection.

Information security

fromThe Cipher Brief

New Presidential Executive Order Targets Transnational Cybercrime

Transnational cybercrime is escalating, with significant financial losses and a need for enhanced national security measures.

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

Multi-OS attacks complicate SOC operations, leading to delays, fragmented evidence, and increased escalation volume, ultimately allowing attackers more time to operate.

fromComputerworld

A core infrastructure engineer pleads guilty to federal charges in insider attack

Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.

Information security

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

fromEntrepreneur

This AI Security Strategy Is Redefining Cyberattack Recovery

Combining Zero Trust principles with AI enhances resilience, reduces downtime, and maintains strict access controls.

fromReadWrite

The CISO Struggle: How AI is Changing the Data Security Landscape

Generative AI adoption is rapid, but security governance is lagging, creating significant risks for organizations.

3 weeks ago

Beyond integration theatre: Building stronger cyber platforms | Computer Weekly

Integration layers between security platforms, not the platforms themselves, have become the primary enterprise security risk requiring rigorous governance of delegated trust.

3 weeks ago

Why Security Validation Is Becoming Agentic

Security validation tools operate in silos while attackers exploit interconnected systems, creating a structural blind spot that Agentic Exposure Validation can address through continuous, autonomous, context-aware assessment.

Building government resilience in an era of AI-driven cyberattacks

Governments must rapidly transform defenses to counter escalating, stealthy AI-driven cyberattacks and prepare for destructive operations targeting critical infrastructure.

Understanding Breaches Before and After They Happen: What Every Organization Should Know

Most security breaches result from neglected fundamentals—human error, unpatched systems, weak authentication, and poor network segmentation—rather than advanced, novel exploits.

fromwww.theguardian.com