Category: AI in news
The China-nexus cyber espionage group tracked as Volt Typhoon has been attributed with moderate confidence to the zero-day exploitation of a recently disclosed high-severity security flaw impacting Versa Director. The attacks targeted four U.S. victims and one non-U.S. victim in the Internet service provider (ISP), managed service provider (MSP) and information technology (IT) sectors as…
Read More
The cloud, artificial intelligence (AI), machine learning and other technological breakthroughs are radically changing the modern work environment. New assets and services offer increased flexibility, growth potential and access to more resources. However, they also introduce new security risks. Managing vulnerabilities across this ever-expanding threat landscape requires a risk-based approach beyond point solutions and reactive…
Read More
Empowering K-12 schools and libraries to strengthen their cybersecurity posture with new funding opportunities and best practices. Recent attacks reveal that K-12 schools and libraries are prime targets for cyber actors. Ransomware attacks have had dire consequences and highlighted the need for such institutions to strengthen their cybersecurity posture and reduce risk. Increased attacks against…
Read More
CVE-2024-7971, which also received a CVSS rating of 8.8 out of 10, was fixed by Google last week in the same release that also patched CVE-2024-7965. Both the flaws were fixed in Chrome version 128.0.6613.84/.85 for Windows/macOS systems and version 128.0.6613.84 Linux users. The other eight vulnerabilities that make up the list of zero-days Google…
Read MoreThe Present and Future of TV Surveillance Ars Technica has a good article on what’s happening in the world of television surveillance. More than even I realized. Tags: privacy, surveillance, television, tracking Posted on August 27, 2024 at 7:08 AM • 0 Comments Sidebar photo of Bruce Schneier by Joe MacInnis. Source link lol
Read More
A handful of Russian government institutions have partnered up with Standoff 365 and BI.ZONE, which indicates a change in the perception bug bounty programs and the Russian hacking community, which until recently was seen as a threat to security rather than a means of enhancing it. In February 2023, the Ministry of Digital Development enrolled 10 of…
Read More
How to protect your business against phishing A big part of protecting your business, employees, and customers from phishing attacks is by leveraging industry standards and implementing best practices whenever possible. Standards like Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC) are all intended to fight the…
Read More
Aug 27, 2024Ravie LakshmananAI Security / Vulnerability Details have emerged about a now-patched vulnerability in Microsoft 365 Copilot that could enable the theft of sensitive user information using a technique called ASCII smuggling. “ASCII Smuggling is a novel technique that uses special Unicode characters that mirror ASCII but are actually not visible in the user…
Read More
Risks from exposed documents In his report Fowler noted that the potential risks of invoice fraud from stolen documents affect both business-to-customer (B2C) and business-to-business (B2B) transactions. “Exposed invoices and internal business documents can potentially serve as a template for criminals to target victims using internal information that only the business and the customer would…
Read More
Aug 26, 2024Ravie LakshmananVulnerability / Enterprise Security SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access control bug. “An improper access control vulnerability…
Read More