Welcome
Welcome
Hello and Welcome!
We hope that your 2024 is going fantastic!
To help boost the GREATNESS, be sure to attend our meetings. Lots of good information there.
Be sure to register for our May 2024 meeting from our site ISC2CT.org
Also join our new ISC2CT Discord Server
Upcoming events:
APISEC The API Security Conference May 22nd Free to Attend Virtually
Zero Trust Meet & Expo Hartford June 20th & 21st
Hartford Cyber Security Summit June 25th
Thank you to our Sponsors
ISC2CT
Cyber News
CISA makes its "Malware Next-Gen" analysis system publicly available
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new version of "Malware Next-Gen," now allowing the public to submit malware samples for analysis by CISA.
bleepingcomputer.com
Top MITRE ATT&CK Techniques and How to Defend Against Them
A cheat sheet for all of the most common techniques hackers use, and general principles for stopping them.
darkreading.com
GPT-4 can exploit real vulnerabilities by reading advisories
While some other LLMs appear to flat-out suck
theregister.com
25 cybersecurity AI stats you should know
Here you will find excerpts from reports that offer stats and insights into the cybersecurity issues arising from the expansion of AI.
helpnetsecurity.com
The XZ Backdoor: Everything You Need to Know
Details are starting to emerge about a stunning supply chain attack that sent the open source software community reeling.
wired.com
XZ Utils Scare Exposes Hard Truths in Software Security
Much of the open source code embedded in enterprise software stacks comes from small, under-resourced, volunteer-run projects.
darkreading.com
New research shows that security is failing to keep pace with smartphone utilisation by consumers
Nuke From Orbit, a UK fintech startup, has unveiled findings from its latest research report, ‘Evolving smartphone usage and the growing threat to consumers’.
itsecuritywire.com
NSA Updates Zero-Trust Advice to Reduce Attack Surfaces
Agency encourages broader use of encryption, data loss, and prevention, as well as data rights management, to safeguard data, networks, and users.
darkreading.com
US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft
The US government says Midnight Blizzard’s compromise of Microsoft corporate email accounts "presents a grave and unacceptable risk to federal agencies."
securityweek.com
Cisco Zero-Days Anchor 'ArcaneDoor' Cyber Espionage Campaign
Attacks by a previously unknown state-sponsored actor leveraged two bugs in firewall devices to install custom backdoors on several government networks globally.
darkreading.com
Palo Alto Networks Warns of Exploited Firewall Vulnerability
Palo Alto Networks warns of limited exploitation of a critical command injection vulnerability leading to code execution on firewalls.
securityweek.com