Welcome
Welcome
Hello and Happy New Year!
Cybersecurity Practitioners Event (CPE) Mar 28, 2025, 8:00 AM EDT | Mohegan Sun Earth Ballroom - Uncasville, CT Registration Link Open to both members and non-members; everyone can attend! This event is a unique opportunity for cybersecurity professionals to come together and exchange practical insights and actionable strategies. Our focus is on providing a platform for hands-on employees, management level, and senior cybersecurity professionals to share day-to-day operation cybersecurity tips, tracks, and processes. Join us to connect with potential sponsors, increase your knowledge, and network with industry experts. We look forward to having you at our event!
Be sure to attend our meetings. Lots of good information there. Register for our February 27th meeting on our site ISC2CT.org
Upcoming events:
Cybersecurity Practitioners Event (CPE) Mar 28, 2025, 8:00 AM EDT | Mohegan Sun Earth Ballroom - Uncasville, CT Registration Link
Thank you to our Sponsors
Quinnipiac University is committed to helping advance the field of cybersecurity through its School of Computing & Engineering. To support the growth of professionals within cybersecurity and computing, Quinnipiac offers flexible online and on-campus opportunities that deliver practical skills you can immediately apply on the job. Both its MS in Cybersecurity and MS in Computer Science programs feature hands-on experience in lab settings that simulate real-world scenarios. To learn more about these exciting opportunities, Visit Quinnipiac University
ISC2CT
Cyber News
Microsoft: Happy 2025. Here’s 161 Security Updates
January 14, 2025 Microsoft unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack
krebsonsecurity.com
Employees Enter Sensitive Data Into GenAI Prompts Too Often
The propensity for users to enter customer data, source code, employee benefits information, financial data, and more into ChatGPT, Copilot, and others is racking up real risk for enterprises.
darkreading.com
The $10 Cyber Threat Responsible for the Biggest Breaches of 2024
You can tell the story of the current state of stolen credential-based attacks in three numbers:
thehackernews.com
New SLAP and FLOP CPU Attacks Expose Data From Apple Computers, Phones
New CPU side-channel attacks named SLAP and FLOP can be exploited to remotely steal data from Apple mobile and desktop devices.
securityweek.com
DeepSeek’s Safety Guardrails Failed Every Test Researchers Threw at Its AI Chatbot
Security researchers tested 50 well-known jailbreaks against DeepSeek’s popular new AI chatbot. It didn’t stop a single one.
wired.com
Trump and others want to ramp up cyber offense, but there’s plenty of doubt about the idea
Amid rising cyber threats, experts and lawmakers debate the effectiveness of the United States' aggressive offensive cyber strategies.
cyberscoop.com
North Koreans clone open source projects to plant backdoors, steal credentials
Stealing crypto is so 2024. Supply-chain attacks leading to data exfil pays off better?
theregister.com
DeepSeek AI Leaks Over a Million Chat Logs and Sensitive Data Online
DeepSeek, a Chinese AI startup, exposed sensitive data by leaving a database open. Wiz Research found chat logs, keys, and backend details accessible.
hackread.com
Patient monitors with backdoor are sending info to China, CISA warns
Contec CMS8000, a patient monitor manufactured by a Chinese company exfiltrates patients' data and has a dangerous backdoor.
helpnetsecurity.com
Malvertisers Fool Google With AI-Generated Decoys
Seemingly innocent "white pages," including an elaborate Star Wars-themed site, are bypassing Google's malvertising filters, showing up high in search results to lure users to second-stage phishing sites.
darkreading.com