Author: HackWatchit

AI agents dominated the first quarter of this year. You didn’t need to look far for startups, funding, and general excitement pouring into this sector. These everything assistants are capturing the public imagination by promising to revolutionize processes, efficiencies, and decision-making. At home and work, agents will become our best friends. But there’s a problem. Accurate insights require accurate information and, unfortunately, data pipelines currently draw from public and private sources without proper compensation or attribution. This copyright headache only deepens mistrust and misunderstanding of these tools. This matters since, without trust to welcome agents into our most important personal…

Qualys, this week, added a tool that makes it possible for organizations to continuously run audits in a way that promises to dramatically reduce failure rates.Anu Kapil, a senior product manager for Qualys, said Policy Audit leverages the unified agent software that Qualys developed to automate data collection and enforce policies. It is designed to automate evidence collection spanning more than 90 compliance frameworks. Whenever a gap is identified, IT teams can then apply more than 1,000 policies developed by Qualys to bring the organization back into compliance.Additionally, Qualys is making available an optional add-on tool, dubbed Audit Fix, that…

Software development is about to undergo a generative change. What this means is that AI (Artificial Intelligence) has the potential to make developers more productive, as three systems on the market already provide this: GitHub Copilot, Anthropic’s Claude and OpenAI’s ChatGPT. Hence, every developer, no matter if he or she specializes in AI or not, needs to understand and realize that as this technology is advancing so rapidly, any of us needs to know what it is, why it is relevant, and how to use it. In this article, we will explain what generative AI exactly is, what functionality current…

Darin Roberts // “Why do you recommend a 15-character password policy when (name your favorite policy here) recommends only 8-character minimum passwords?” I have had this question posed to me a couple of times in the very recent past.   There were 2 separate policies that were shown to me when asking these questions. First was the NIST policy.  From the NIST 800-63 guidelines, it says that “memorized secrets [are] to be at least 8 characters in length.”  Memorized secrets are defined to include passwords. The NIST guidelines were recently updated, but the password minimum length remains at 8 characters. Taken…

Transformers have changed the way artificial intelligence works, especially in understanding language and learning from data. At the core of these models are tensors (a generalized type of mathematical matrices that help process information) . As data moves through the different parts of a Transformer, these tensors are subject to different transformations that help the model make sense of things like sentences or images. Learning how tensors work inside Transformers can help you understand how today’s smartest AI systems actually work and think. What This Article Covers and What It Doesn’t ✅ This Article IS About: The flow of tensors from…

What steps should agencies take to better protect OT systems? DoD and industry experts share three steps agencies can take to prioritize security capabilities and reduce the risk exposure as operational technology and information technology systems become more integrated. Pick up pointers from our panel of experts: Adarryl Roberts, CIO, Defense Logistics Agency Daryl Haegley, Technical Director for Control Systems Cyber Resilience, Air Force and Space Force Heather Young, Regional Vice President of Public Sector, Claroty

​​Microsoft has released the KB5055627 preview cumulative update for Windows 11 24H2 with many new features gradually rolling out, and some new bug fixes for everyone. The KB5055627 update is part of the company’s optional non-security preview updates schedule, which pushes updates at the end of each month to let Windows admins test bug fixes, improvements, and features that will roll out during next month’s May Patch Tuesday release. Unlike regular Patch Tuesday cumulative updates, monthly non-security preview updates do not include security updates. You can install the KB5055627 update by opening Settings, clicking on Windows Update, and then on ‘Check for Updates.’…

The U.S. House Select Committee on the Chinese Communist Party (CCP) issued subpoenas to three Chinese state-owned telecom companies – China Mobile, China Telecom, and China Unicom, after they did not respond to a formal bipartisan congressional request for information sent on March 4. These subpoenas require compliance by May 7, 2025, as part of an ongoing investigation into whether these companies are still operating in the country in ways that could affect national security and the privacy of Americans’ data. The Committee noted that “should the companies continue to withhold cooperation, the Committee is prepared to consider further steps…

The Cybersecurity and Infrastructure Security Agency (CISA), a key agency responsible for protecting the United States’ critical infrastructure, has taken a significant step by instructing its threat hunting team to cease using VirusTotal—a widely used cybersecurity tool—by April 20, 2025. The decision is a part of a broader shift in CISA’s approach to threat intelligence and reflects growing concerns over the involvement of third-party platforms backed by large corporations, including Google. Furthermore, CISA has also directed its personnel to stop using Censys, a tool designed for tracking network vulnerabilities and internet-wide scanning, as of earlier this year in March. Both…