Tag: technology
-
Facial recognition arrives at the gates of Disney’s magic kingdom
Tags: technologyDisney has equipped select entrance lanes at Disneyland Park and Disney California Adventure Park with facial recognition technology, saying the system is intended to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/07/disney-facial-recognition-entrance-lanes/
-
Operation Epic Fury Exposes Critical OT Security Gaps in U.S. Oil and Gas Sector
The cybersecurity posture of the U.S. oil and gas sector has come under renewed scrutiny following Operation Epic Fury, with a new independent survey revealing a disconnect between operator confidence and actual operational technology (OT) security capabilities. While companies across the upstream and midstream energy segments have accelerated cybersecurity investments since the February 28 launch…
-
Ten years later, has the GDPR fulfilled its purpose?
Tags: access, ai, breach, business, china, cio, compliance, data, data-breach, dora, finance, flaw, framework, GDPR, governance, government, international, jobs, law, mobile, office, privacy, regulation, risk, service, technology, tool, trainingFernando Maldonado, technology advisor at Foundry. MuleSoft. Gray areas remain: Still, if anything has been demonstrated in the decade since its entry into force, it’s that the GDPR still has a long way to go.Miguel Recio, president of APEP.IA (Spanish Professional Association for Privacy), argues that some of the limitations that have been exposed about the…
-
US government agency to safety test frontier AI models before release
Executive order ‘taking shape’: Following the announcement from CAISI, a published report on Wednesday indicated that the White House is on the verge of preparing an executive order that would see the creation of a vetting system for all new artificial intelligence models, key among them Anthropic’s Mythos.Bloomberg reported, “the directive is taking shape weeks…
-
UK Finance Sector Puts Cyber Defences to the Test in National Hackathon
Over the course of two days (April 27-28), banks, fintech companies, technology providers, and regulators from across the UK financial ecosystem came together for a cybersecurity competition designed to test real-world readiness, decision-making under pressure, and the ability to defend critical financial infrastructure against sophisticated attacks. Hosted by Lloyds Banking Group, Hack The Box, and…
-
CISA mulls new three-day remediation deadline for critical flaws
Tags: api, ceo, cisa, exploit, flaw, government, kev, msp, penetration-testing, technology, update, vulnerability, vulnerability-managementTight window: A CISA spokesperson declined to comment on the Reuters report, but security experts were more forthcoming, with most believing the idea is simply an acknowledgement that modern vulnerability management is evolving.One source of anxiety was that a three-day timeline would leave little time for meaningful testing, normally a time-consuming and complex undertaking that…
-
German officials advance legislation that would expand law enforcement use of surveillance technology
The bills would legalize the use of automated data analysis and artificial intelligence tools that let police upload a photo of a face and scour the internet for more images depicting the same person. First seen on therecord.media Jump to article: therecord.media/german-officials-advance-laws-surveillance
-
Instructure hacker claims data theft from 8,800 schools, universities
The hacker behind a breach at education technology giant Instructure claims to have stolen 280 million data records for students and staff from 8,809 colleges, school districts, and online education platforms. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/instructure-hacker-claims-data-theft-from-8-800-schools-universities/
-
CISA mulls new three-day remediation deadline for critical flaws
Tags: api, ceo, cisa, exploit, flaw, government, kev, msp, penetration-testing, technology, update, vulnerability, vulnerability-managementTight window: A CISA spokesperson declined to comment on the Reuters report, but security experts were more forthcoming, with most believing the idea is simply an acknowledgement that modern vulnerability management is evolving.One source of anxiety was that a three-day timeline would leave little time for meaningful testing, normally a time-consuming and complex undertaking that…
-
German officials advance legislation that would expand law enforcement use of surveillance technology
The bills would legalize the use of automated data analysis and artificial intelligence tools that let police upload a photo of a face and scour the internet for more images depicting the same person. First seen on therecord.media Jump to article: therecord.media/german-officials-advance-laws-surveillance
-
CISA pushes critical infrastructure operators to prepare to work in isolation
Tags: access, attack, backup, business, ceo, cisa, control, cyber, cybersecurity, endpoint, exploit, government, incident response, infrastructure, iran, network, resilience, service, technology, threat, vpnA familiar playbook under a new name: While the framing of CI Fortify is new, the underlying concepts are not. Several experts say the initiative largely repackages long-standing practices around disaster recovery, business continuity, and incident response, areas where many organizations have historically underinvested.”It looks to me like traditional business continuity planning, disaster recovery, and…
-
CISOs step up to the security workforce challenge
Tags: ai, attack, automation, ciso, conference, control, cyber, cyberattack, cybersecurity, jobs, malicious, risk, skills, strategy, technology, threat, tool, trainingGomez-Sanchez and Turpin are speaking at the CSO Cybersecurity Awards & Conference, May 11-13. Reserve your place. And then there’s AI. When it comes to security, AI may help partially offset cyber skills shortages by automating certain tasks, but it also ramps up cyberattack volumes and expands the organizational attack surface, without fixing CISOs’ ongoing talent…
-
Educational tech firm Instructure data breach may have impacted 9,000 schools
Instructure, maker of the Canvas learning platform, is investigating a cyber incident that exposed users’ personal data. Instructure is a U.S.-based educational technology company best known for developing Canvas, one of the world’s most widely used learning management systems (LMS). The U.S. firm confirrmed a cybersecurity incident that exposed users’ personal information. The company is working with external…
-
Anthropic Mythos spurs White House to weigh pre-release reviews for high-risk AI models
Tags: access, ai, cybersecurity, exploit, framework, government, group, infrastructure, malicious, openai, risk, software, technology, update, vulnerabilityThe Mythos factor: The discussion follows Anthropic’s recent introduction of Mythos, a model the company has described as representing a watershed moment for cybersecurity.Anthropic has said Mythos Preview has found thousands of high-severity vulnerabilities, including some in every major operating system and web browser, and that AI models have reached a level of coding capability…
-
The Elephants in the Technology Room – Part 2
Tags: technologyWhy Technical Leaders Are Walking Away and What We Can Do to Fix It Leaders are expected to deliver results, yet often lack the authority to make key decisions. The article examines how this imbalance creates friction, undermines performance and turns accountability without authority into a persistent leadership challenge. First seen on govinfosecurity.com Jump to…
-
How Mythos Signals Cybersecurity Disruption
Tags: access, ai, attack, banking, browser, business, cybersecurity, data, exploit, finance, government, hacker, healthcare, infrastructure, microsoft, open-source, risk, software, technology, tool, update, vulnerability, zero-dayWhat is Mythos Mythos is Anthropic’s latest AI model, and it is stirring up a tornado of concern in cybersecurity circles. Even before its release, Mythos discovered thousands of new sensitive vulnerabilities in commercial and open-source software, including all major operating systems and web browsers. One was in existence for over 27 years without the industry…
-
Canvas Confirms Data Breach Following ShinyHunters Claim
Instructure, the educational technology company behind the widely used Canvas Learning Management System (LMS), has officially confirmed a major data breach. This confirmation directly follows recent claims made by the notorious threat actor group known as ShinyHunters. Canvas is a critical platform for thousands of universities and K-12 schools, making this breach a significant concern…
-
AI agents can bypass guardrails and put credentials at risk, Okta study finds
Phishing the agent: Why AI guardrails aren’t enough, a report on tests conducted by cloud identity and access management (IAM) company Okta Threat Intelligence, which uncovered all of the problems cited above, and more.Their research focused on OpenClaw, a model-agnostic multi-channel AI assistant which has seen explosive growth inside enterprises since appearing in late 2025.…
-
AI agents can bypass guardrails and put credentials at risk, Okta study finds
Phishing the agent: Why AI guardrails aren’t enough, a report on tests conducted by cloud identity and access management (IAM) company Okta Threat Intelligence, which uncovered all of the problems cited above, and more.Their research focused on OpenClaw, a model-agnostic multi-channel AI assistant which has seen explosive growth inside enterprises since appearing in late 2025.…
-
Cybersecurity Experts Unimpressed With CISA OT Guidance
Zero Trust Is ‘Essential’ – But Who Pays for It?. New guidance from the U.S. Cybersecurity and Infrastructure Security Agency on adapting zero trust security principles for operational technology is fine as far as it goes, but is pretty high-level and ignores or fudges a couple of key questions, say executives and experts. First seen…
-
AI agents can bypass guardrails and put credentials at risk, Okta study finds
Phishing the agent: Why AI guardrails aren’t enough, a report on tests conducted by cloud identity and access management (IAM) company Okta Threat Intelligence, which uncovered all of the problems cited above, and more.Their research focused on OpenClaw, a model-agnostic multi-channel AI assistant which has seen explosive growth inside enterprises since appearing in late 2025.…
-
IAM tools help Oracle Red Bull Racing keep pace with strict F1 regulations
Oracle Red Bull Racing massively improved the efficiency of its aerodynamics testing procedures after implementing new identity technology from 1Password. Learn more about this unlikely link First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642593/IAM-tools-help-Oracle-Red-Bull-Racing-keep-pace-with-strict-F1-regs
-
Bank regulator sounds warning over cybersecurity threat posed by AI models
Tags: access, ai, api, attack, banking, cloud, cyber, cyberattack, cybersecurity, defense, finance, flaw, germany, government, penetration-testing, service, supply-chain, technology, threat, vulnerabilityAccessing Mythos: It’s barely three weeks since Anthropic made Claude Mythos public on April 7 and it’s hard to recall a development that’s caused as much cybersecurity alarm in such a short space of time.Earlier this week, Michael Theurer, the chief supervisor of Bundesbank, Germany’s financial regulator, echoed APRA’s concern, telling Reuters that European banks…
-
Zambia cancels global digital freedoms conference days before start
On Tuesday, Zambia’s Minister of Technology and Science offered the first hint that the conference would be cancelled, telling a Zambian news outlet that participants’ security clearances were incomplete and that the government has concerns about the conference’s “dialogue.” First seen on therecord.media Jump to article: therecord.media/zabia-cancels-global-digital-freedoms-conference-shortly-before-start
-
US agencies promote zero-trust practices for operational technology networks
Many zero-trust defenses work differently in industrial environments than in traditional business networks, five federal agencies said in newly published guidance. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/zero-trust-operational-technology-us-guidance/818950/
-
CISA and Partners Publish Zero Trust Guidance For OT Security
A new CISA”‘led guide explains how zero”‘trust security can be applied to operational technology, balancing cyber defence with safety and system availability First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/zero-trust-guidance-operational/
-
ODNI to CISOs on threat assessments: You’re on your own
Tags: access, ai, china, ciso, computer, control, credentials, cyber, cybercrime, data, defense, detection, disinformation, encryption, finance, framework, government, healthcare, identity, infrastructure, intelligence, iran, jobs, korea, metric, resilience, risk, russia, service, strategy, technology, theft, threat, tool, warfareThe bifurcated framework: Operational reporting vs. homeland focus: The report now operates on two distinct tracks that risk narrowing the threat horizon for CROs. In a departure from traditional probabilistic forecasting, the IC has transitioned toward active operational reporting. This shift prioritizes immediate success metrics, such as a significant drop in border encounters and fentanyl…