Category: AI in news
He believes these dual-title roles can provide a more direct reporting line to the CEO or board, which is important for risk reporting. It gives the CISO greater autonomy to report to the board and helps them understand business risk because the CISO is looking across all the different parts of the organization. “It’s not…
Read More
Jul 10, 2024NewsroomVulnerability / Network Security Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE). The vulnerability, tracked as CVE-2024-6409 (CVSS score: 7.0), is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due…
Read More
“Prior to our work, there was no publicly-known attack exploiting MD5 to violate the integrity of the RADIUS/UDP traffic,” the researchers wrote in a blog post. “However, attacks continue to get faster, cheaper, become more widely available, and become more practical against real protocols. Protocols that we thought might be ‘secure enough,’ in spite of…
Read More
A few weeks ago, my wife asked me why stopping threat actors from impacting our lives is so difficult. In this digital age, the necessity to connect online brings inherent exposure to vulnerabilities. The challenge for you as a security leader lies in reducing the sense of vulnerability by building trust. You need to protect…
Read More
Microsoft Corp. today issued software updates to plug at least 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users. The first Microsoft zero-day this month is CVE-2024-38080, a bug in the Windows Hyper-V component…
Read More
In episode six of The AI Fix, our hosts discover an unusual place to put a traffic cone, Mark learns why Americans should pretend to be from Brazil, and Graham discovers a way to make any situation much, much worse. Graham inflicts his terrible Australian accent on Mark while explaining bot-on-bot crime, and Mark tells…
Read More
“The main reason was ensuring all staff could access critical security tools like Microsoft Authenticator,” according to Robert. “The app is available on both iOS and Android worldwide, but Google Play’s absence in China presented challenges for Android users there.” Other authentication apps are available but using Microsoft’s own technology on a single supported device…
Read MoreReverse-Engineering Ticketmaster’s Barcode System Interesting: By reverse-engineering how Ticketmaster and AXS actually make their electronic tickets, scalpers have essentially figured out how to regenerate specific, genuine tickets that they have legally purchased from scratch onto infrastructure that they control. In doing so, they are removing the anti-scalping restrictions put on the tickets by Ticketmaster and…
Read More
“Splunk adds a lot of data to Cisco security,” Kerravala says. “The cyber industry is changing from reactive tools to AI-based security platforms that can find needles in a stack of needles. The efficacy of AI will be based on the quality of the AI algorithms combined with [Cisco security]. Plus, Splunk gives Cisco more data than any other security vendor. It should be…
Read More
A ransomware attack against South Africa’s National Health Laboratory Service (NHLS) has put lives at risk and created chaos for healthcare services across the country. On June 22, the BlackSuit ransomware group hit NHLS, leaving it unable to process millions of blood tests. This means serious conditions have been left undiagnosed and lives endangered. This…
Read More