Welcome reader to your CybersecurityHQ report.

Headlines

The ongoing TikTok ban saga continues — this time with a relatable twist: a group chat invite gone wrong. A researcher from ByteDance, the Chinese company that owns TikTok, was added to a group chat meant for US artificial intelligence (AI) safety experts. The group chat was part of the US National Institute of Standards and Technology’s (NIST) Artificial Intelligence Safety Institute Consortium, a platform for discussions on AI safety among American tech companies, universities, AI startups, and other organizations.

The researcher was added as a volunteer by a consortium member but was removed by NIST upon realizing the person was an employee of ByteDance, which was an apparent violation of the consortium's code of conduct.

Major vulnerabilities in Ivanti products opened the door for hackers in a recent attack on the Cybersecurity and Infrastructure Security Agency (CISA). Despite warnings issued in late February about cyber attackers exploiting Ivanti Connect Secure and Ivanti Policy Secure gateways, CISA's systems were compromised, affecting two critical tools: the Infrastructure Protection (IP) Gateway and the Chemical Security Assessment Tool (CSAT), which contain sensitive infrastructure and chemical security data.

The affected systems were taken offline, with no reported operational impact. This incident follows CISA's directive for federal agencies to secure Ivanti VPN devices against potential threats. No specific attackers have been named.

The English football club Manchester United is being sued for a 2018 incident where its HR department accidentally emailed wage slips for hundreds of its staff. The plaintiffs are seeking £100,000 ($127,000) in damages.

Among the data released were National Insurance numbers, pension benefit details, addresses, wages, and more.

Interesting Read

Safer home environments are one step closer, thanks to the new Verified Product Security Mark by the Connectivity Standards Alliance (CSA). Jennifer Pattison Tuohy, writing for The Verge, outlines how this new standard might enhance security in the Internet of Things (IoT).

If there is widespread adherence to a global security standard, we could see an even greater adoption of IoT technology while also making our homes more secure. The implications of this, as well as details on the standard, are covered in Tuohy’s article.

Employment Tip: Interview Prep

While education, experience, and a polished resume are all essential, many of the best roles require hitting the interview out of the park. That’s because an interview is the best way to “feel out” how a candidate actually interacts with others and thinks on their feet. For that reason, make sure to practice answering common questions, have relevant anecdotes at hand that showcase your experience and skills, and work on listening skills. An interview is also your opportunity to learn about the company! Ask questions to make sure they are a good fit for you.

For the latest openings in cybersecurity careers, check CybersecurityHQ.

Stay Safe, Stay Secure.

The CybersecurityHQ Team