Cyber Story Time: The Boy Who Cried “Secure!” 2024-11-21 at 14:18 By As a relatively new security category, many security operators and executives I’ve met have asked us “What are these Automated Security Validation (ASV) tools?” We’ve covered that pretty extensively in the past, so today, instead of covering the “What is ASV?” I wanted […]
Cyber Story Time: The Boy Who Cried “Secure!” Read More »
Thousands of AI agents later, who even remembers what they do? 2024-11-21 at 13:31 By Lindsay Clark Gartner weighs the pros and cons of the latest enterprise hotness Among the optimism and opportunities perceived around AI agents, Gartner has spotted some risks – namely that organizations might create “thousands of bots, but nobody now remembers
Thousands of AI agents later, who even remembers what they do? Read More »
USDA Implements Phishing-Resistant Multi-Factor Authentication (MFA) with Fast Identity Online (FIDO) 2024-11-21 at 13:28 By daksh sharma Overview The U.S. Department of Agriculture (USDA) has announced the use of Fast IDentity Online (FIDO) protocols, a new solution for phishing-resistant authentication. This shift to FIDO-based multi-factor authentication (MFA) has proven successful in securing USDA systems against
2,000 Palo Alto Networks devices compromised in latest attacks 2024-11-21 at 13:27 By Zeljka Zorz Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two recently patched zero-days (CVE-2024-0012 and CVE-2024-9474), Shadowserver Foundation’s internet-wide scanning has revealed. Compromised devices are predominantly located in the US and India, the nonprofit says. Manual and
2,000 Palo Alto Networks devices compromised in latest attacks Read More »
Over 145,000 Industrial Control Systems Across 175 Countries Found Exposed Online 2024-11-21 at 13:27 By New research has uncovered more than 145,000 internet-exposed Industrial Control Systems (ICS) across 175 countries, with the U.S. alone accounting for over one-third of the total exposures. The analysis, which comes from attack surface management company Censys, found that 38%
Over 145,000 Industrial Control Systems Across 175 Countries Found Exposed Online Read More »
Now Online Safety Act is law, UK has ‘priorities’ – but still won’t explain ‘spy clause’ 2024-11-21 at 12:49 By Lindsay Clark Draft doc struggles to describe how theoretically encryption-busting powers might be used The UK government has set out plans detailing how it will use the new law it has created to control online
Now Online Safety Act is law, UK has ‘priorities’ – but still won’t explain ‘spy clause’ Read More »
HP Enterprise Security Edition protects PC hardware and firmware from physical attacks 2024-11-21 at 12:35 By Industry News HP announced HP Enterprise Security Edition, a suite of security capabilities designed to enhance the physical security of HP business class PCs. HP Enterprise Security Edition includes multilayered safeguards to protect PC hardware and firmware from targeted
HP Enterprise Security Edition protects PC hardware and firmware from physical attacks Read More »
HiddenLayer Automated Red Teaming prevents malicious manipulation of AI models 2024-11-21 at 12:13 By Industry News HiddenLayer launched Automated Red Teaming solution for artificial intelligence, a transformative tool that enables security teams to rapidly and thoroughly assess generative AI system vulnerabilities. The addition of this new product extends HiddenLayer’s AISec platform capabilities to include Automated
HiddenLayer Automated Red Teaming prevents malicious manipulation of AI models Read More »
Researchers unearth two previously unknown Linux backdoors 2024-11-21 at 12:12 By Help Net Security ESET researchers have identified multiple samples of two previously unknown Linux backdoors: WolfsBane and FireWood. The goal of the backdoors and tools discovered is cyberespionage that targets sensitive data such as system information, user credentials, and specific files and directories. These
Researchers unearth two previously unknown Linux backdoors Read More »
5 Scattered Spider Gang Members Indicted in Multi-Million Dollar Cybercrime Scheme 2024-11-21 at 12:12 By Five alleged members of the infamous Scattered Spider cybercrime crew have been indicted in the U.S. for targeting employees of companies across the country using social engineering techniques to harvest credentials and using them to gain unauthorized access to sensitive
5 Scattered Spider Gang Members Indicted in Multi-Million Dollar Cybercrime Scheme Read More »
Arm lays down the law with a blueprint to challenge x86’s PC dominance 2024-11-21 at 11:49 By Gavin Bonshor Now it’s up to OEMs and devs to decide whether they want in Arm has published its PC Base System Architecture (PC-BSA) specification, the blueprint for standardizing Arm-based PCs.… This article is an excerpt from The
Arm lays down the law with a blueprint to challenge x86’s PC dominance Read More »
Lenovo introduces ThinkShield Firmware Assurance 2024-11-21 at 11:49 By Industry News Lenovo introduced ThinkShield Firmware Assurance as part of its portfolio of enterprise-grade cybersecurity solutions. ThinkShield Firmware Assurance is one of the only computer OEM solutions to enable deep visibility and protection below the operating system (OS) by embracing Zero Trust Architecture (ZTA) component-level visibility
Lenovo introduces ThinkShield Firmware Assurance Read More »
Owl Cyber Defense Solutions unveils all-in-one PCIe data diode card 2024-11-21 at 11:49 By Industry News Owl Cyber Defense Solutions announced the latest release of Owl Talon, which includes integration with a new all-in-one PCIe data diode card – Owl Talon One. The new data diode card will enable Federal agencies and critical infrastructure providers
Owl Cyber Defense Solutions unveils all-in-one PCIe data diode card Read More »
Vanta announces new products to enhance GRC and trust programs 2024-11-21 at 11:22 By Industry News Vanta announced a number of new and upcoming products enabling customers to build, demonstrate and enhance their GRC and trust programs. The new offerings include Vanta for Marketplaces to strengthen trust across a company’s entire ecosystem; adaptive scoping; AI-powered
Vanta announces new products to enhance GRC and trust programs Read More »
Deep Instinct delivers malware and ransomware prevention for cloud data stored in S3 buckets 2024-11-21 at 11:22 By Industry News Deep Instinct launched Deep Instinct DSX for Cloud Amazon S3. As organizations increasingly rely on the cloud to power their digital transformation, businesses are generating and storing record amounts of data in the cloud. Cybercriminals
Ukrainian cyberwar experience becomes blueprint for TRYZUB cyber training service 2024-11-21 at 10:58 By Help Net Security The Computer Emergency Response Team of Ukraine (CERT-UA), part of the State Service of Special Communications and Information Protection (SSSCIP), has joined forces with the simulation training platform Cyber Ranges to unveil TRYZUB, a cyber resilience training and
Ukrainian cyberwar experience becomes blueprint for TRYZUB cyber training service Read More »
Actfore TRACE reduces keystrokes and expedites data extraction 2024-11-21 at 10:58 By Industry News Actfore unveiled TRACE (Targeted Retrieval and Automated Content Extraction), an auto-extraction feature to accelerate and improve the accuracy of data mining processes for breach notification list generation. TRACE will be integrated into all future Actfore deployments, underscoring the company’s commitment to
Actfore TRACE reduces keystrokes and expedites data extraction Read More »
AI hiring bias? Men with Anglo-Saxon names score lower in tech interviews 2024-11-21 at 10:45 By Thomas Claburn Study suggests hiding every Tom, Dick, and Harry’s personal info from HR bots In mock interviews for software engineering jobs, recent AI models that evaluated responses rated men less favorably – particularly those with Anglo-Saxon names, according
AI hiring bias? Men with Anglo-Saxon names score lower in tech interviews Read More »
Zitadel raises $9 million to accelerate product development 2024-11-21 at 10:44 By Industry News Zitadel announced its $9 million Series A funding round led by Nexus Venture Partners with participation from Floodgate. Both firms represent the world’s best experts in open source, developer tools, and identity infrastructure. Zitadel’s developer-first approach and a strong focus on data
Zitadel raises $9 million to accelerate product development Read More »
Google’s AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source Projects 2024-11-21 at 10:18 By Google has revealed that its AI-powered fuzzing tool, OSS-Fuzz, has been used to help identify 26 vulnerabilities in various open-source code repositories, including a medium-severity flaw in the OpenSSL cryptographic library. “These particular vulnerabilities represent a milestone for automated vulnerability finding:
Google’s AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source Projects Read More »