Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history
image for AI, Women, and the F ...

 Cyber News

Artificial Intelligence (AI) is revolutionizing cybersecurity, enabling organizations to detect and respond to threats faster than ever. Yet, AI has its limitations—it lacks human judgment, ethical reasoning, and the ability to interpret complex, real-world contexts. In a field where intuition, strategic   show more ...

decision-making, and adaptability are critical, human expertise remains indispensable. This is where women in cybersecurity are making a profound impact. With strengths in analytical thinking, ethical problem-solving, and collaborative leadership, they are shaping a more resilient and forward-thinking cybersecurity landscape.  As we celebrate International Women's Day (IWD) 2025 under the theme #AccelerateAction, it is essential to recognize how AI and women together are shaping the future of cybersecurity. According to the World Economic Forum (WEF), at the current rate of progress, full gender parity will not be achieved until 2158—a staggering five generations from now.   This is a wake-up call. If we want to build a secure and inclusive digital future, we must break systemic barriers and actively accelerate women's representation in cybersecurity.  The Role of Women in Cybersecurity: A Growing Necessity  Despite being understated in the field, women are increasingly making strides in cybersecurity. According to (ISC)²'s Women in Cybersecurity report, women currently make up only 25% of the global cybersecurity workforce. However, the industry is beginning to recognize the value of diverse perspectives in tackling complex security threats.  As discussed in Cyble’s webinar "Global Cyber Threats: Regional Strategies, AI Disruption, and Future Predictions", Mel Migrino, Southeast Regional Director & Adviser, Gogolook, highlights, "Cybersecurity is a 360-degree discipline. It is not just about technical skills; it's about managing the complexity of the stakeholders, environment, regulations, and building alliances towards a common good—these qualities are best emanated by women."   Women bring a multifaceted approach to cybersecurity, combining technical expertise with leadership, strategic thinking, and collaboration. This ability to travel through complicated environments makes women particularly effective in cybersecurity roles such as:  Threat Intelligence Analysts – Interpreting AI-generated data with contextual awareness.  Incident Response Managers – Making swift, emotionally intelligent decisions under pressure.  Risk and Compliance Officers – Understanding legal and regulatory situations with a human-centric perspective.  Ethical Hackers & AI Auditors – Ensuring fairness and bias mitigation in AI-driven cybersecurity tools.  AI: A Double-Edged Sword in Cybersecurity  AI is transforming the cybersecurity environment by automating threat detection, responding to attacks in real-time, and predicting future vulnerabilities. Yet, it also introduces new risks, such as AI-driven cyber threats, deepfake attacks, and bias in security algorithms. This is where the human element, especially women’s cognitive diversity, becomes crucial.  As Dr. Sheeba Armoogum, Associate Professor in Cybersecurity, University of Mauritius, emphasized in the webinar, "Cyber resilience is built on cognitive diversity, equitable strategies, and inclusive collaboration. When varied perspectives converge, we transform uncertainty into strength and disruption into opportunity."  Moreover, in the same webinar, Jane Teh, another panelist, stressed the evolving AI battlefield: "We are seeing AI versus AI—machines attacking machines. Nations are using AI to measure cyber maturity and even shifting towards offensive AI strategies."  Bridging the Gender Gap in AI and Cybersecurity  While AI is reshaping cybersecurity, it reflects the biases of its creators. A report by the AI Now Institute found that 85% of AI research staff at major tech companies are male. This gender imbalance leads to algorithmic biases that can have real-world consequences, such as AI-driven security tools failing to recognize threats that disproportionately affect women and marginalized communities.  To counteract this, we need more women in AI development and cybersecurity leadership to:  Ensure AI fairness by identifying and eliminating biases in security models.  Develop human-centered security solutions that address diverse global threats.  Drive ethical AI frameworks that balance automation with human oversight.  Breaking Barriers: Encouraging More Women in Cybersecurity  The road to gender parity in cybersecurity and AI requires a multi-pronged approach:  Educational Initiatives & Mentorship  Encouraging more girls to pursue STEM fields from an early age.  Expanding cybersecurity scholarships for women.  Establishing mentorship programs to support career growth.  Inclusive Hiring & Leadership Representation  Tech companies must actively recruit and promote women in cybersecurity roles.  Organizations should implement unbiased AI-driven recruitment to ensure fairness.  AI & Cybersecurity Training for Women  Women should be empowered with AI skills to shape the future of cybersecurity.  AI literacy programs should be integrated into cybersecurity curriculums.  Corporate & Government Policies  Governments should implement policies that promote gender equity in tech industries.  Organizations must offer flexible work environments to support work-life balance.  Women Driving AI-Powered Cybersecurity Innovations  Many women are already leading groundbreaking AI and cybersecurity innovations, proving that gender diversity enhances security outcomes. Some notable figures include:  Parisa Tabriz (Google’s “Security Princess”) – Leading Google Chrome’s security engineering.  Dr. Fei-Fei Li (AI Expert) – Advocating for AI’s ethical development and fairness.  Katie Moussouris (Founder of Luta Security) – Pioneering bug bounty programs and vulnerability disclosure.  The Future: Women + AI = A Secure Digital World  Cybersecurity is no longer just about firewalls and algorithms—it’s about people, innovation, and the diverse minds shaping the digital world. Women, with their unique blend of analytical thinking, emotional intelligence, and strategic vision, are the missing link in AI-driven security. The question isn’t if they should lead but how fast we can accelerate their path to leadership.  As Jane Teh noted in the Cyble webinar, “Cyber warfare is no longer about humans versus humans—it’s AI versus AI. We need ethical, diverse, and inclusive leadership to guide AI’s evolution in cybersecurity.”  This International Women’s Day 2025, let’s move beyond conversations and take decisive action. Let’s invest in mentorship, challenge outdated biases, and ensure women are at the helm of AI-powered cybersecurity. Because the future isn’t waiting until 2158—it’s being written now.  Are we ready to #AccelerateAction and build a secure, inclusive digital future? The time to act is today.  You can hear the full podcast from Cyble’s webinar "Global Cyber Threats: Regional Strategies, AI Disruption, and Future Predictions" on YouTube. 

image for Feds Link $150M Cybe ...

 A Little Sunshine

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing this week, U.S. federal agents   show more ...

investigating a spectacular $150 million cryptocurrency heist said they had reached the same conclusion. On March 6, federal prosecutors in northern California said they seized approximately $24 million worth of cryptocurrencies that were clawed back following a $150 million cyberheist on Jan. 30, 2024. The complaint refers to the person robbed only as “Victim-1,” but according to blockchain security researcher ZachXBT the theft was perpetrated against Chris Larsen, the co-founder of the cryptocurrency platform Ripple. ZachXBT was the first to report on the heist, of which approximately $24 million was frozen by the feds before it could be withdrawn. This week’s action by the government merely allows investigators to officially seize the frozen funds. But there is an important conclusion in this seizure document: It basically says the U.S. Secret Service and the FBI agree with the findings of the LastPass breach story published here in September 2023. That piece quoted security researchers who said they were witnessing six-figure crypto heists several times each month that they believed all appeared to be the result of crooks cracking master passwords for the password vaults stolen from LastPass in 2022. “The Federal Bureau of Investigation has been investigating these data breaches, and law enforcement agents investigating the instant case have spoken with FBI agents about their investigation,” reads the seizure complaint, which was written by a U.S. Secret Service agent. “From those conversations, law enforcement agents in this case learned that the stolen data and passwords that were stored in several victims’ online password manager accounts were used to illegally, and without authorization, access the victims’ electronic accounts and steal information, cryptocurrency, and other data.” The document continues: “Based on this investigation, law enforcement had probable cause to believe the same attackers behind the above-described commercial online password manager attack used a stolen password held in Victim 1’s online password manager account and, without authorization, accessed his cryptocurrency wallet/account.” Working with dozens of victims, security researchers Nick Bax and Taylor Monahan found that none of the six-figure cyberheist victims appeared to have suffered the sorts of attacks that typically preface a high-dollar crypto theft, such as the compromise of one’s email and/or mobile phone accounts, or SIM-swapping attacks. They discovered the victims all had something else in common: Each had at one point stored their cryptocurrency seed phrase — the secret code that lets anyone gain access to your cryptocurrency holdings — in the “Secure Notes” area of their LastPass account prior to the 2022 breaches at the company. Bax and Monahan found another common theme with these robberies: They all followed a similar pattern of cashing out, rapidly moving stolen funds to a dizzying number of drop accounts scattered across various cryptocurrency exchanges. According to the government, a similar level of complexity was present in the $150 million heist against the Ripple co-founder last year. “The scale of a theft and rapid dissipation of funds would have required the efforts of multiple malicious actors, and was consistent with the online password manager breaches and attack on other victims whose cryptocurrency was stolen,” the government wrote. “For these reasons, law enforcement agents believe the cryptocurrency stolen from Victim 1 was committed by the same attackers who conducted the attack on the online password manager, and cryptocurrency thefts from other similarly situated victims.” Reached for comment, LastPass said it has seen no definitive proof — from federal investigators or others — that the cyberheists in question were linked to the LastPass breaches. “Since we initially disclosed this incident back in 2022, LastPass has worked in close cooperation with multiple representatives from law enforcement,” LastPass said in a written statement. “To date, our law enforcement partners have not made us aware of any conclusive evidence that connects any crypto thefts to our incident. In the meantime, we have been investing heavily in enhancing our security measures and will continue to do so.” On August 25, 2022, LastPass CEO Karim Toubba told users the company had detected unusual activity in its software development environment, and that the intruders stole some source code and proprietary LastPass technical information. On Sept. 15, 2022, LastPass said an investigation into the August breach determined the attacker did not access any customer data or password vaults. But on Nov. 30, 2022, LastPass notified customers about another, far more serious security incident that the company said leveraged data stolen in the August breach. LastPass disclosed that criminal hackers had compromised encrypted copies of some password vaults, as well as other personal information. Experts say the breach would have given thieves “offline” access to encrypted password vaults, theoretically allowing them all the time in the world to try to crack some of the weaker master passwords using powerful systems that can attempt millions of password guesses per second. Researchers found that many of the cyberheist victims had chosen master passwords with relatively low complexity, and were among LastPass’s oldest customers. That’s because legacy LastPass users were more likely to have master passwords that were protected with far fewer “iterations,” which refers to the number of times your password is run through the company’s encryption routines. In general, the more iterations, the longer it takes an offline attacker to crack your master password. Over the years, LastPass forced new users to pick longer and more complex master passwords, and they increased the number of iterations on multiple occasions by several orders of magnitude. But researchers found strong indications that LastPass never succeeded in upgrading many of its older customers to the newer password requirements and protections. Asked about LastPass’s continuing denials, Bax said that after the initial warning in our 2023 story, he naively hoped people would migrate their funds to new cryptocurrency wallets. “While some did, the continued thefts underscore how much more needs to be done,” Bax told KrebsOnSecurity. “It’s validating to see the Secret Service and FBI corroborate our findings, but I’d much rather see fewer of these hacks in the first place. ZachXBT and SEAL 911 reported yet another wave of thefts as recently as December, showing the threat is still very real.” Monahan said LastPass still hasn’t alerted their customers that their secrets—especially those stored in “Secure Notes”—may be at risk. “Its been two and a half years since LastPass was first breached [and] hundreds of millions of dollars has been stolen from individuals and companies around the globe,” Monahan said. “They could have encouraged users to rotate their credentials. They could’ve prevented millions and millions of dollars from being stolen by these threat actors. But  instead they chose to deny that their customers were are risk and blame the victims instead.”

 CSOonline

Source: www.csoonline.com – Author: Threat actors are typosquatting popular Go packages such as Hypert and Layout to drop malware on Linux and macOS systems. In a new typosquatting campaign, threat actors are seen using malicious Go packages posing as popular libraries to install malware on unsuspecting Linux   show more ...

and macOS systems. Researchers from the software supply […] La entrada Linux, macOS users infected with malware posing as legitimate Go packages – Source: www.csoonline.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 CSOonline

Source: www.csoonline.com – Author: News-Analyse 07 März 20253 Minuten CyberangriffeGesundheitswesen Eine aktuelle Studie zeigt: Obwohl Cyberangriffe auf Gesundheitsorganisationen zunehmen, mangelt es oft bei den Sicherheitsstrukturen. 15 Prozent der Endgeräte im Gesundheitssektor haben keine oder   show more ...

nicht-übereinstimmende Sicherheits- und Risikokontrollen. Panya_photo – Shutterstock.com Laut dem aktuellen Horizon Report 2025 wurden im Jahr 2024 weltweit 183 Millionen Patientendaten […] La entrada Mangelhafte Cybersicherheit im Gesundheitswesen – Source: www.csoonline.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Careers

Source: www.cio.com – Author: For women, the IT career ladder is littered with obstacles, bias, and challenges that cannot always be overcome without the help of allies. If you are a tech leader, you might encourage your daughter to follow your path, imagining a journey, like yours, with challenges that can be   show more ...

overcome with hard […] La entrada 8 obstacles women still face when seeking a leadership role in IT – Source: www.cio.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 CSOonline

Source: www.csoonline.com – Author: Version 1.0 der Eckpunkte für die IT-Sicherheitsanforderungen basiert auf einer tiefgehenden Datenbank-Analyse. Die neuen BSI-Anforderungen gelten sowohl für relationale als auch NoSQL-Datenbanksysteme und berücksichtigen alle Betriebsarten. shutterstock – nitpicker Das   show more ...

Bundesamt für Sicherheit in der Informationstechnik (BSI) hat die Version 1.0 seiner Eckpunkte der IT-Sicherheitsanforderungen für Datenbanksysteme veröffentlicht. Die Dokumente basieren […] La entrada BSI veröffentlicht neue Sicherheitsanforderungen für Datenbanksysteme – Source: www.csoonline.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 CSOonline

Source: www.csoonline.com – Author: The best way to deal with risk is to understand what you’re up against and embrace its upside. An enterprise risk management program can help you do just that. What is risk management? Risk management is the process of identifying, analyzing, and mitigating uncertainties   show more ...

and threats that can harm your company […] La entrada What is risk management? Quantifying and mitigating uncertainty – Source: www.csoonline.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 CSOonline

Source: www.csoonline.com – Author: Diese Ransomware-as-a-Service-Angebote – und ihre Anbieter – sollten CISOs auf dem Schirm haben. Für Unternehmen ist Ransomware weiterhin eine existenzielle Bedrohung, für Kriminelle ein immer einträglicheres (Service)geschäft. Gonin | shutterstock.com Ransomware   show more ...

bleibt branchenübergreifend auf dem Vormarsch und entwickelt sich beständig weiter – vereinzelten behördlichen Erfolgen zum Trotz. Das ist unter anderem […] La entrada 11 ruinöse Ransomware-Bedrohungen – Source: www.csoonline.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 0CISO2CISO

Source: securityaffairs.com – Author: Pierluigi Paganini Mirai-based botnets are exploiting a zero-day flaw, tracked as CVE-2025-1316, in Edimax IP cameras, to achieve remote command execution. US CISA warns that multiple botnets are exploiting a recently disclosed vulnerability, tracked as CVE-2025-1316 (CVSS   show more ...

score of 9.8), in Edimax IC-7100 IP cameras. The issue is an Improper Neutralization […] La entrada Mirai-based botnets exploit CVE-2025-1316 zero-day in Edimax IP cameras – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Artificial Intelligence

Source: securityaffairs.com – Author: Pierluigi Paganini Differential privacy (DP) protects data by adding noise to queries, preventing re-identification while maintaining utility, addressing Artificial Intelligence -era privacy challenges. In the era of Artificial Intelligence, confidentiality and security are   show more ...

becoming significant challenges. Traditional anonymization techniques, such as pseudonymization and k-anonymity, have proven inadequate against sophisticated re-identification attacks. […] La entrada The Role of Differential Privacy in Protecting Sensitive Information in the Era of Artificial Intelligence – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini The U.S. Secret Service and global law enforcement seized the domain of sanctioned Russian crypto exchange Garantex. An international law enforcement operation led by U.S. Secret Service seized the website (“garantex[.]org”) of the sanctioned Russian   show more ...

crypto exchange Garantex. In April 2022, the US Treasury Department sanctioned the virtual currency […] La entrada International law enforcement operation seized the domain of the Russian crypto exchange Garantex – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini Medusa ransomware has claimed nearly 400 victims since January 2023, with attacks increasing by 42% between 2023 and 2024. The Symantec Threat Hunter Team reported that the Medusa ransomware operators have claimed nearly 400 victims since January 2023.   show more ...

Experts observed a 42% increase in attacks carried out by the […] La entrada Medusa Ransomware targeted over 40 organizations in 2025 – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Kristina Beek, Associate Editor, Dark Reading Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed   show more ...

triggered the security solution. There are several actions […] La entrada ‘Spearwing’ RaaS Group Ruffles Feathers in Cyber Threat Scene – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Robert Lemos, Contributing Writer Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered   show more ...

the security solution. There are several actions that could […] La entrada MITRE EMB3D for OT & ICS Threat Modeling Takes Flight – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Robert Lemos, Contributing Writer Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered   show more ...

the security solution. There are several actions that could […] La entrada Static Scans, Red Teams, and Frameworks Aim to Find Bad AI Models – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Nate Nelson, Contributing Writer Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered the   show more ...

security solution. There are several actions that could […] La entrada Cybercrime’s Cobalt Strike Use Plummets 80% Worldwide – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Rob Wright Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution.   show more ...

There are several actions that could trigger this […] La entrada Zero-Days Put Tens of 1,000s of Orgs at Risk for VM Escape Attacks – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Kristina Beek, Associate Editor, Dark Reading Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed   show more ...

triggered the security solution. There are several actions […] La entrada Taylor Swift Ticket Thieves Charged in Court for Resale Operation – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.troyhunt.com – Author: Troy Hunt We survived the cyclone! That was a seriously weird week with lots of build-up to an event that last occurred before I was born. It’d been 50 years since a cyclone came this far south, and the media was full of alarming predictions of destruction. In the end,   show more ...

we […] La entrada Weekly Update 442 – Source: www.troyhunt.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.schneier.com – Author: Bruce Schneier About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I’ve been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998. I’m a fellow and   show more ...

lecturer at Harvard’s Kennedy School, a board member of EFF, […] La entrada Friday Squid Blogging: Squid Loyalty Cards – Source: www.schneier.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 cell phones

Source: www.schneier.com – Author: Bruce Schneier Clive Robinson • March 7, 2025 2:39 PM @ Bruce, ALL, With regards “It runs on a $20 mobile hotspot.” Such are the joys of technology where the price to capability just keeps dropping. But you need to consider, “Is the use of the technology actually   show more ...

lawful?” Because the […] La entrada Rayhunter: Device to Detect Cellular Surveillance – Source: www.schneier.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

Source: hackread.com – Author: Waqas. Push notifications are a common feature that many websites use to keep users engaged. However, what happens when these notifications turn malicious? Renée Burton, Vice President of Threat Intel at Infoblox, recently shared her firsthand experience with this alarming trend.   show more ...

Here’s a look at how scammers exploit push notifications to […] La entrada What Happens When Push Notifications Go Malicious? – Source:hackread.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 cyber security

Source: www.techrepublic.com – Author: Fiona Jackson In 2024, women accounted for 22% of global security teams on average, compared to 17% in 2023, according to ISC2. Gender diversity in cybersecurity is slowly improving but inequities continue—a new report finds that the field has 5% more women than in 2023,   show more ...

but that they’re more exposed to […] La entrada Women Are Breaking Into Cybersecurity, But Losing Jobs Faster Than Men – Source: www.techrepublic.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Iain Thomson A federal jury in Cleveland has found a senior software developer guilty of sabotaging his employer’s systems – and he’s now facing a potential ten years behind bars. Davis Lu, 55, of Houston, Texas, was a seasoned coder employed by   show more ...

power-management biz Eaton Corporation between November 2007 to October […] La entrada Developer sabotaged ex-employer with kill switch activated when he was let go – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Jessica Lyons The Feds today revealed more details about the US Secret Service-led Garantex takedown, a day after seizing websites and freezing assets belonging to the Russian cryptocurrency exchange in coordination with German and Finnish law enforcement agencies. Also   show more ...

today, the US Justice Department announced criminal charges against the two alleged […] La entrada Uncle Sam charges alleged Garantex admins after crypto-exchange web seizures – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

2025-03
Aggregator history
Saturday, March 08
SAT
SUN
MON
TUE
WED
THU
FRI
MarchAprilMay